F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

raphael_norber1's avatar
raphael_norber1
Icon for Nimbostratus rankNimbostratus
Sep 11, 2006

Cert Problem

I'm not sure if there is a slution to my issue, but Support suggested there might be an Irule solution. basically i am attempting this:     when HTTP_REQUEST {   if { [HTTP::host] equals "...
application delivery
dev
devops
iRules
Colin_Walker_12's avatar
Colin_Walker_12
Historic F5 Account
Sep 11, 2006
This type of a chicken and egg SSL cert question has been asked a few times before. If you search the forums you'll probably find a couple of different discussions related to similar topics.

 

 

The short answer is, no, there isn't a way to read the information in the HTTP headers before the SSL handshake has occured, so you won't be able to see what the hostname is without first decrypting the data. At this point, you've already exchanged the cert, and the user has seen an alert if they are prompted to accept a cert for a different domain.

 

 

Colin