Forum Discussion

Nimbostratus

Jul 11, 2011

Append FQDN to https request

Hello, I am sure this has been asked many times, but I could not find it in search. We use our F5s here internally, and the users can get to the websites using an internal hostname - like ht...

Historic F5 Account

Jul 11, 2011

As Aaron mentioned, there's a bit of a chicken vs. egg issue that many users end up facing when dealing with manipulating SSL traffic. The traffic must be decrypted on the LTM before any manipulation can be performed. The problem is, as in this case, if the user is requesting a name not represented on the certificate, they're going to get the initial mismatch error on the first handshake with the LTM, even if you're decrypting SSL on the LTM. At that point, now that the traffic is decrypted, you can certainly manipulate the traffic at will, but it's too late to stop them from seeing the initial SSL mismatch error.

Colin

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Append FQDN to https request

Recent Discussions

Decode ObjectSID from Base64-encode string

ip x-forwarding

F5 ASM API-Protection Policy

ports are showing open on online scanning tool

Upgrade F5 BIGIP

Related Content

HTTP Serverside Chunking For One Dot Zero Requests

How to limit http request rate

HTTPS requests get converted to HTTP

How do i append to a url

Http redirection

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS