Forum Discussion

Bill_Iselin_986
Jul 08, 2016

iRule host redirect not working

when HTTP_REQUEST {
    set host [string tolower [HTTP::host]]
    set uri [HTTP::uri]
    set client [IP::client_addr]

    if { $host equals "test-dev" } {
        HTTP::redirect "https://test-dev.corp.test.com/$uri"
        return
    }
}

 

This isn't working as expected. When I use "http://test-dev/" it redirects me to "https://test-dev" and doesn't redirect me to test-dev.corp.test.com. My default search domain is .corp.just.com. And test-dev.corp.just.com is a CNAME for test-dev.corp.test.com.

 

I think the issue is with SSL. There is an SSL profile on the virtual server with a cert for test-dev.corp.test.com. And I get a cert error when I get to https://test-dev. But if I push past that cert error I get redirected properly to https://test-dev.corp.test.com and the cert error then goes away as expected.

 

1 Reply

  • Hamish

    Sorry, but this sounds like more an issue with your expectations than with SSL itself.

     

    I don't believe that the redirect from HTTP to HTTPS is being done by this iRule. It really has to be elsewhere (e.g. an HTTP URL with HTTP to HTTPS system iRule or another simple custom iRule attached?)

     

    Quick hint. Short names are not good. Especially when you're dealing with HTTPS. They're ambiguous and prone to hijack. e.g. if you're on someone else's Wi-Fi using DHCP.

     

    The name you type in the browser HAS to agree with the name in the certificate. That's how the basic security checks work. The certificate is 'guaranteeing' that the site you entered in the URL is the site you're talking to. If the URL has the short-name and you're relying on the DNS library to append the rest of the name to perform the lookup, then the name you typed and the name in the cert don't match. Result is an error/warning from the browser to warn you.

     

    You can mask HALF of this... On the VS that's doing the HTTPS to HTTP redirect, make sure it redirects to the FQDN.

     

    i.e. http://short-name/whatever redirects to https://short-name.domain/whatever

     

    and not just the name entered in the HOST header (Unless you have multiple sites/names on the same IP you won't even have to do a redirect to what's in the HOST header. You can hard-code the redirect to the same name that's in the certificate. If you do, then some more logic will be required).

     

    HOWEVER that doesn't stop you from getting an error IF you type https://short-name/ (Sorry, that is a feature of SSL/TLS. name has to match).

     

    Now... The reason your error goes away AFTER the redirect from this iRule is because your iRule is on the HTTPS VS. That means it gets run AFTER the SSL/TLS negotiation. So you hit the VS once with the 'wrong' name. Get redirected and then hit the 'right' name.
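
The redirect-to-FQDN advice in the reply above, as an added iRule example that is not part of the original thread: attached to the port-80 virtual server, it maps every accepted name to the name in the certificate instead of echoing the Host header back. The list of accepted aliases and the 400 response for unknown hosts are assumptions made for illustration.

```tcl
# Added example: attach to the HTTP (port 80) virtual server only.
# On the HTTPS virtual server the TLS handshake, and therefore the
# browser's certificate name check, has already happened before any
# HTTP_REQUEST event fires.
when HTTP_REQUEST {
    # Drop an optional :port and normalise case before matching.
    set host [string tolower [getfield [HTTP::host] ":" 1]]

    # Every name a client may type (short name, CNAME alias, real FQDN)
    # goes to the one name that is in the certificate. The alias list
    # is an assumption taken from the names mentioned in the question.
    switch -- $host {
        "test-dev" -
        "test-dev.corp.just.com" -
        "test-dev.corp.test.com" {
            # HTTP::uri already starts with "/", so no extra slash here.
            HTTP::redirect "https://test-dev.corp.test.com[HTTP::uri]"
        }
        default {
            # Unknown Host header: never copy it into a Location header,
            # which would turn the virtual server into an open redirector.
            HTTP::respond 400 content "Unknown host"
        }
    }
}
```

A request typed directly as https://test-dev/ never reaches this rule, so the certificate warning for that URL remains.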