Forum Discussion
Colin_Walker_12
Dec 20, 2007Historic F5 Account
Ahh, I was a little concerned this is the turn this thread would take. :-/
The short answer is: Unfortunately, no, there is no way that we can get the iRule to do host inspection before the SSL negotiation.
A slightly longer version: If you think about the data that you're trying to inspect when reading the HTTP host name, you're trying to access information that is inside the HTTP headers. Those headers are encrypted via SSL for security. So until you decrypt the transaction with the proper SSL negotiation, that data is unreadable.
This is a question we've been asked a lot, and is very much a chicken and egg scenario.
I wish I could be of more help.
Colin