Immediately redirect HTTPS sessions without a valid cert

Question

I'm on LTM 10.2.4.  &nbsp;
What I'm trying to do is have a VS that has no valid certificate (https client profile) on it, and no pool behind it, and just have it IMMEDIATELY redirect the connecting https clients to a URL (which is actually a completely different VS).  Note that the clients already have a favorite in their browser that is for  which currently points directly to a web server.  I don't have the cert for click.this.com is my problem.  We're going to kill that server off and then create a CName for click.this.com to resolve to new.that.com, which will resolve to a VS's IP on the F5.  I just need that VS to immediately redirect the user's browser to a totally different URL.&nbsp;
So far it appears the HTTPS session needs to complete before any iRules kick in to redirect the session.  So naturally without having the cert loaded for click.this.com the users will get a cert warning, which they have to accept first, then the iRule kicks in to redirect.  Can't have users getting a warning.&nbsp;
I know the easy thing here would be to have the server guys put a redirect right on the current click.this.com web server to get them to the new URL but (1) I don't know how they feel about that and (2) I really want know if this can be done on the F5 or not!&nbsp;
Thanks in advance.&nbsp;

arpydays · Answer

Hi, SSL is negotiated before HTTP so you can't redirect before the cert is validated on the client.&nbsp;

Forum Discussion

Immediately redirect HTTPS sessions without a valid cert

1 Reply

Recent Discussions

SMS server with BIGIP

F5 terminal - help to run commands - disk space full

Can iRule be used to perform exception of IPI category based on Geolocation

[ASM] - what is "Browser Challange file" ?

LDAPS and renegotiation

Related Content

Anchor Link Redirect

Ending an APM session when browser tab is closed

Agility sessions announced

SSH window closes immediately after login

url redirect