Forum Discussion

Nimbostratus

Jun 07, 2007

SSL unencrypt/reencrypt after looking at header

Here is my situation. We are looking to send SSL (port 443) traffic to different pools based upon host header. and either un-encrypt or re-encrypt based upon pool used. I have not found any ...

Nimbostratus

Jun 13, 2007

I added some logging into the iRule. According to the logs it looks like it is getting redirected to the proper pool and that the SSL::Disable is triggering:

Jun 13 12:34:16 tmm tmm[1629]: 01220002:6: Rule FOG_Passthrough_443 : local0."test1"

Jun 13 12:34:16 tmm tmm[1629]: 01220002:6: Rule FOG_Passthrough_443 : local0."nossl"

Any idea why the web server would be getting 501 errors in the logs? Is this because the browser still has https in the url?

when HTTP_REQUEST {

set reencrypt 0

if { [HTTP::header Host] == "xxxxxxxxxxx" }{

{

pool xxxxxxxxxxxx

log local0."test1"

} else {

set reencrypt 1

pool fog-sec.443

log local0."test2"

}

when SERVER_CONNECTED {

if { $reencrypt == 0 }{

SSL::disable

log local0."nossl"

}

Forum Discussion

SSL unencrypt/reencrypt after looking at header

Recent Discussions

Telemetry streaming to Elasticsearch

Portal Access to HTTPS resources slow

Provisioning r2600 equipment

Could not connect to SMTP host.

Block CBC

Related Content

Looking for Setup Advice

A look on APT operations and using F5 BIG-IP features for mitigation

Re: F5 XC Distributed Cloud HTTP Header manipulations and matching of the client ip/user HTTP header

Security headers

F5 Distributed Cloud - Service Policy - Header Matching Logic & Processing