Forum Discussion

Nimbostratus

Sep 18, 2018

Irule help

To create a irule to create a client ssl profile and server ssl profile on Virtual server using SNI with a wildcard certificate with SAN. This virtual server would used for different environmet ...

application delivery

LTM

Stanislas_Piro2

Cumulonimbus

Sep 21, 2018

Hi,

This code won’t work

set hostname HTTP::header replace Host "[class match -value [SSL:extension sni name ] equals "hostgroup"]"

May be this one

set hostname [HTTP::header replace Host "[class match -value [SSL:extension sni name ] equals "hostgroup"]" ]

I’m not sure [SSL:extension sni name ] works in HTTP_REQUEST event. You may catch it in CLIENTSSL_CLIENTHELLO, and change the host header in HTTP_REQUEST

when CLIENTSSL_CLIENTHELLO {
    set hostname [class match -value [SSL:extension sni name ] equals "hostgroup"]
}

when HTTP_REQUEST {
    HTTP::header replace Host $hostname
}
when SERVERSSL_CLIENTHELLO_SEND {   
    set bin [binary format S1S1S1S1ca* 0 [expr [string length $hostname] + 5] [expr [string length $hostname] + 3] 0 [string length $hostname] $hostname]   
    SSL::extensions insert $bin 
}

Forum Discussion

Irule help

Recent Discussions

What is the meaning is 52% block in WAF

Rundeck ansible F5 errors

rewrite Azure AD response for portal access via web portal

AS3 Monitoring multiple ports selectively

Open Redirection Mitigation

Related Content

iRULE regsub error

owa iapp assign irule

Irule Trigger two times

iRule assistance for subfolder redirect

IRule to select IRule doesn't work even if the condition triggers