Serverside SNI injection iRule
Updated Jun 06, 2023
Version 2.0Was this article helpful?
Hi Kay,
Actually Server Name can be enabled, it just has to be empty. Wonder why not use something like that in SERVERSSL_CLIENTHELLO_SEND:
clientside {
set sni_value [getfield [HTTP::host] ":" 1]
log local0. "SNI should be: \"$sni_value\""
}
I know that TCL error ("{badEventContext {command is not valid in current event context (SERVER_CONNECTED)} is generated when saving iRule but according to support as long as you are actually processing HTTP at clientside this will work without issue - and indeed it works for me.
Any comments why not to use?
Piotr