Forum Discussion
Mike757
Feb 11, 2023MVP
behavior of SSL::disable serverside
Hello!
I've configured an https virtual server, with an associated iRule that chooses the server pool according to the URI.
The only unusual thing is that some of the pools have SSL servers and o...
- Feb 11, 2023
Better give the config of list ltm virtual xxx and serverside tcpdump to watch whether F5 send clienthello to this pool member
modify this iRules to test:
when HTTP_REQUEST { set usessl 0 switch -glob [string tolower [HTTP::uri]] { "/path1/*" { set usessl 1 pool POOL-path1 persist cookie insert cookie1 } "/path2/*" { set usessl 1 pool POOL-path2 persist cookie insert cookie2 } "/path3/*" { set usessl 0 # SSL::disable serverside pool POOL-path3 } default { set usessl 1 } } } when SERVER_CONNECTED { log local0. "usessl value is $usessl" if { $usessl == 0 } { SSL::disable } }
xuwen
Feb 11, 2023Cumulonimbus
Better give the config of list ltm virtual xxx and serverside tcpdump to watch whether F5 send clienthello to this pool member
modify this iRules to test:
when HTTP_REQUEST {
set usessl 0
switch -glob [string tolower [HTTP::uri]] {
"/path1/*" {
set usessl 1
pool POOL-path1
persist cookie insert cookie1
}
"/path2/*" {
set usessl 1
pool POOL-path2
persist cookie insert cookie2
}
"/path3/*" {
set usessl 0
# SSL::disable serverside
pool POOL-path3
}
default {
set usessl 1
}
}
}
when SERVER_CONNECTED {
log local0. "usessl value is $usessl"
if { $usessl == 0 } {
SSL::disable
}
}
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects