Sully728_88740
Dec 04, 2008Nimbostratus
How to require SSL certificate for a single host header
Hope some one can help.
What we have to day is a single VIP with the SSL Client profile certificate set to ignore. The current i-rule handles three host headers. Moving forward we want to require the client certificate on example1 and example2 host headers and leave example3 at ignore.
Here is the current i-rule.
when HTTP_REQUEST {
if { ( [string tolower [HTTPS::host]] contains "example1.com" ) } {
pool example1
} elseif { ( [string tolower [HTTPS::host]] contains "example2.com" ) } {
pool example2
} elseif { ( [string tolower [HTTPS::host]] contains "example3.com" ) } {
pool example3
}
else { discard }
}