Forum Discussion
John
Jun 28, 2023Altostratus
So, we noticed that the oAuth server calls out to check token with the provider didn't include SNI in the clienthello in TLS handshake. There is an option of course on the oAuth server to select a serverside ssl profile where we can set SNI, but we wanted it to be dynamic. We already use a SNI inject irule (https://my.f5.com/manage/s/article/K41600007), so just tried applying that iRule to the oAuth server and found it works! So the HTTP_REQUEST and SERVERSSL_CLIENTHELLO_SEND are valid.