For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

fgomez_219402's avatar
fgomez_219402
Icon for Nimbostratus rankNimbostratus
Sep 02, 2015

apply an SSL profile in order to apply an iRule

Hi,   I need to apply an iRule to a VS. However, I just can't apply an http profile since the VS is for a 443 pool. The cert is currently installed on the "pool" side. So my question is can I sti...
application delivery
design
devops
iRules
arpydays's avatar
arpydays
Icon for Nimbostratus rankNimbostratus
Sep 02, 2015

Yes, you will need a cert in the client-SSL profile for Option 2, this will be the one the users type in the browser. THe webserver cert can be the same or different as the F5 doesn't verify the webserver cert by default.

 

Option 3 is also an option for you if you were only checking the client IP as that should be done with the CLIENT_ACCEPTED event (layer3) and doesn't need HTTP. Therefore you wouldn't need any SSL profiles or HTTP profiles. But this may limit you if wanted to do anything else at HTTP, e.g. ASM, cookie persistence etc..