can I set ssl profile by [HTTP::host] in one irule?

Question

I have this scene: &nbsp;
&nbsp;www.a.com mapped to a virtual server,
&nbsp;www.b.com mapped to www.a.com&nbsp;
&nbsp;here is the question,when performing a https request on both www.a.com and www.b.com I should provide a ssl profile. Can I use different host name to determine which ssl profile should I use in one irule?&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;

hamish · Answer

Im assuming here youre talking about the TlS extensions for multiple virtual hosts on a single IP address. I've seen an irule floating around that does the extensions to TLS to use the ssl negotiation for determining which certificate to present.  
&nbsp;  
&nbsp; You need a browser that supports this though... I'll have a loom round, but im pretty sure it was in the codeshare. 
&nbsp;  
&nbsp; If its not, the yes, its possible, but youll need to do a fair bit of work yourself. ;) 
&nbsp;  
&nbsp; H

hamish · Answer

Yep... Its in the codeshare at 
&nbsp;  
&nbsp; http://devcentral.f5.com/wiki/iRules.TLS-ServerNameIndication.ashx 
&nbsp;  
&nbsp; H

hoolio · Answer

The main caveat with TLS SNI is that IE on WinXP cannot support it. 
&nbsp;  
&nbsp; Aaron

Forum Discussion

can I set ssl profile by [HTTP::host] in one irule?

3 Replies

Tyler - May 2026 Featured Member

AppWorld Berlin 2026 – iRules Contest Winning Results

One Quick Step to Make your website AI-Agent/MCP Ready with an iRule

Recent Discussions

F5 Send email and snmp trap from LTM log event

shame on f5

Dynamic import of data groups

ASM allow specific url from outside country of geolocation ON

AWAF Detection Inconsistency Between Similar Test Payloads

Related Content

(HTTP) Redirection via Arbitrary Host Header

STREAM profile (HTTP > HTTPS) with host exception

iRule http host with wildcard domain

AppWorld Berlin iRules Contest!

Select pool based on HTTP host header

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS