Dayton_Gray_103
Nov 15, 2011Nimbostratus
Can one set an SSL Server Profile based on the pool member used?
I have a fairly convoluted scenario.
I am sending HTTP traffic to local web servers (using NAT) as well as to an internet facing address at another datacenter (using a SNAT pool). All addresses are ratio load balanced in the same pool and I am using a universal persistence profile to look for a cookie so that the connections will persist (as I need connections to the other datacenter to continue being sent there).
The above seems to work very well for the HTTP virtual server. I am however wondering how I can get this to work with the HTTPS virtual server. I need to somehow set an SSL Server profile to re-encrypt if the pool member used is that of the other datacenter IP address. The HTTPS virtual server is only using a client SSL profile (unencrypt) currently.
Does anyone know if this is a possibility given the above scenario? Here is the iRule that is being used with the universal persistence:
when HTTP_REQUEST {
Check if there is a MYCOOKIE cookie
if {[HTTP::cookie "MYCOOKIE"] ne ""}{
Persist off of the cookie value with a timeout of 4 hours (14400 seconds)
persist uie [string tolower [HTTP::cookie "MYCOOKIE"]] 14400
}
}
when HTTP_RESPONSE {
Check if there is a MYCOOKIE cookie in the response
if {[HTTP::cookie "MYCOOKIE"] ne ""} {
Persist off of the cookie value with a timeout of 4 hours (14400 seconds)
persist add uie [string tolower [HTTP::cookie "MYCOOKIE"]] 14400
}
}
Thanks!!