Forum Discussion
Kevin_Stewart
Jul 03, 2014Employee
You don't need to switch between HTTP profiles if you're just encrypting cookies. An iRule will do the job. Here's a variation of the HTTP cookie encryption article:
https://devcentral.f5.com/wiki/iRules.EncryptingCookies.ashx
when CLIENT_ACCEPTED {
set cookielist [list "USERID" "METRICS"]
set encryption_passphrase "abcd1234"
}
when HTTP_REQUEST {
foreach x [HTTP::cookie names] {
if { [lsearch $cookielist $x] ne "-1" } {
set decrypted [HTTP::cookie decrypt $x $encryption_passphrase]
if { $decrypted eq "" } {
HTTP::cookie remove $x
}
}
}
}
when HTTP_RESPONSE {
foreach x [HTTP::cookie names] {
if { [lsearch $cookielist $x] ne "-1" } {
HTTP::cookie encrypt $x $encryption_passphrase
}
}
}