Add option -a, add possibility to manage ssl client profiles and vserver rules

1 files changed, 16 insertions, 1 deletions

diff --git a/README.pod b/README.pod
index ca50e31..4d3429d 100644
--- a/README.pod
+++ b/README.pod
@@ -134,7 +134,7 @@ And everything can be deleted as folows:
 
 A simple HTTP NATed service can be created as follows.
 
-  fapi vserver myvserver.example.com:80 create PROTOCOL_TCP /Common/http
+  fapi vserver myvserver.example.com:80 create PROTOCOL_TCP http
   fapi vserver myvserver.example.com:80 set vlan VLANNAME
   fapi vserver myvserver.example.com:80 set pool foopool
 
@@ -150,6 +150,21 @@ You need also to set the SNAT flag as follows:
 
   fapi vserver myvserver.example.com:80 set snat automap
 
+=head2 Settung up simple SNAT Services with SSL offloading enabled
+
+Just like SNAT service (use port 443) but with these additional steps
+
+First Upload the SSL certificate to the F5 BIG IP (e.g. System -> File Management
+-> SSL Certificate List on BIG IP V11.4). 
+
+  # Afterwards create a new SSL profile to use the new certificate:
+  # (Will automatically use key/crt myserver.example.com.{key,crt})
+  fapi profileclientssl myserver.example.com create
+
+  # Then attach that profile to the vserver (default context is 
+  # PROFILE_TYPE_CLIENT_SSL, which means SSL between F5 and Clients)
+  fapi vserver myvserver.example.com:443 profile add myserver.example.com
+
 =head2 About the NAME argument
 
 In most cases NAME can be a hostname, FQDN or an IP address. Optionally folled