Forum Discussion
helm123_141710
Jan 29, 2015Nimbostratus
Thanks Stephen,
Yep this is actually the SSL (2-way) connection from the F5 to the real servers. Actually have a decent number of pools inside the irule that are going to require different cert/key pairs (server ssl profiles) determined by the customers real servers. Started looking at some of the examples that showed the CLIENT_ACCEPTED setup that Google helped me find.
Was able to get this irule configuration accepted when I hit update.
when CLIENT_ACCEPTED {
if { $doSSL == 1 }{
SSL::enable serverside
SSL::profile CompanyA
}
elseif { $doSSL == 2 }{
SSL::enable serverside
SSL::profile CompanyB
}
}
when HTTP REQUEST {
switch -glob [HTTP::uri] {
"/external/lifts/docs" -
"/internal/sites" {
set doSSL 1
pool CompanyA
}
"/external/boats/docs" -
"/internal/states" {
set doSSL 2
pool CompanyB
}
}
}