Forum Discussion
hooleylist
Jan 11, 2010Cirrostratus
If you want to inspect or modify the HTTP headers or payload (including the URI), you must decrypt the SSL on LTM. If you need to also use SSL between LTM and the servers, you could decrypt on the clientside using a client SSL profile and re-encrypt on the serverside using a server SSL profile.
If you did decrypt the SSL, you'd want to specify a pool for all cases in the rule when you specify a pool for any case. Here is an example where you don't need to explicitly define the VIPs default pool by name:
when CLIENT_ACCEPTED {
set default_pool [LB::server pool]
}
when HTTP_REQUEST {
if {[HTTP::uri] starts_with "/test/" } {
pool test1_443
} else {
pool $default_pool
}
}
Aaron