Forum Discussion

Nimbostratus

Sep 11, 2006

Cert Problem

I'm not sure if there is a slution to my issue, but Support suggested there might be an Irule solution. basically i am attempting this: when HTTP_REQUEST { if { [HTTP::host] equals "...

Historic F5 Account

Sep 11, 2006

This type of a chicken and egg SSL cert question has been asked a few times before. If you search the forums you'll probably find a couple of different discussions related to similar topics.

The short answer is, no, there isn't a way to read the information in the HTTP headers before the SSL handshake has occured, so you won't be able to see what the hostname is without first decrypting the data. At this point, you've already exchanged the cert, and the user has seen an alert if they are prompted to accept a cert for a different domain.

Colin

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)