You could also use RewriteCond and RewriteRule on the apache instances (if you're using apache with ssl after the BigIP, otherwise I think the F5 can be configured to do this as well) to enforce this. Obviously it would be nice to have this handled with in the application, but if you need a quick fix that's easier than re-encrypting the connection to the JBoss server that might work. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4101649#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...