re direction ssl profiles

Question

Hello,  First I am not a programmer.  I figure this would be very simple.   
&nbsp;  
&nbsp; Problem: 
&nbsp;  
&nbsp; I have a single VIP that handles multiple web sites.  These web sites require an ssl cert.  They have different domain names.  how would I right an i rule to re direct the url to the proper profile. 
&nbsp;  
&nbsp; Complete so far: 
&nbsp;  
&nbsp; Created three SSL profiles xyz_wildcard for *.xyz.com, xyz12_wildcard for *.xyz12.com, and xyz123456_wildcard for *.xyz123456.com 
&nbsp;  
&nbsp; I need an irule that would do the following: 
&nbsp;  
&nbsp; if url contains *.xyz.com use xyz_wildcard ssl client profile, elseif url contains *.xyz12.com then use xyz12_wildcard ssl client profile, elseif url contains *.xyz123456.com then use xyz123456_wildcard ssl client profile 
&nbsp;  
&nbsp;  
&nbsp; Can this be done?

jrahm · Answer

Unfortunately no, unless you control all the client browsers and can mandate TLS with the SNI option enabled.  With TLS-SNI, you could write an iRule to select the appropriate profile.  Without it, you won't know what profile you need until after the decryption takes place.

Forum Discussion

re direction ssl profiles

1 Reply

Recent Discussions

ASM instance creation

[ASM] - what is "Browser Challange file" ?

[ASM] - HTML5 Cross-Domain Request Enforcement - CLI command

Reverse Proxy Not Behaving

Stable Firmware for F5

Related Content

SSL Profiles

SSL Profiles Part 6: SSL Renegotiation

SSL Profiles Part 5: SSL Options

SSL Profiles Part 8: Client Authentication

Modify SSL profiles via REST API