
Seckin_149390
Oct 24, 2016

Certificate Error on Website

Hi All,

We have a multidomain certificate for my customer's website and it works OK. My customer wants to redirect connections to the www subdomain of the website. For example:

 

if end user types this link to their web browser ";, it must be redirected to ";.

 

I have written an iRule for www redirection and I believe it works OK. Here is my iRule for this purpose:

 

when HTTP_REQUEST { if { (([HTTP::host] equals "unlumenkul.com") && ([HTTP::uri] equals "/")) } { HTTP::redirect "; } }

 

But when I type https://unlumenkul.com in the customer's browser, I get a certificate error, and after clicking the proceed button, it works.

As I told you before, the certificate for this website is multidomain, not wildcard!

Do you have any suggestions for this?

 

Kind Regards,

 

5 Replies

  • By chance does your multi-domain (SAN) certificate contain both "unlumenkul.com" and "

     

  • Hi Kevin,

     

    Yes, but the problem is that the www redirection is not working. My rule is the following; I have tried this one on my test environment and it works OK.

     

    when HTTP_REQUEST { if { (([HTTP::host] equals "unlumenkul.com") && ([HTTP::uri] equals "/")) } { HTTP::redirect "; } }

     

  • No, the certificate only contains www. It is a multidomain certificate, but for a specific domain it has only www. So I believe this is the reason why this error occurs. Is there any way to eliminate this certificate error?

     

  • Reflecting upon the OSI model, it's important to understand that layer 6 (SSL) happens before layer 7 (HTTP), and that the two are, for the most part, independent and oblivious of one another. What you're seeing is the result of an SSL handshake that performs badly (because the cert doesn't match the requested host name), and before you've actually decrypted the traffic to be able to process HTTP URLs. The only way to deal with this is to include "unlumenkul.com" in a new multi-domain certificate.

     

  • Aside from the semicolon on the redirect line (it probably doesn't matter), the code looks good. If this iRule is on the HTTPS VIP, then you might need to insert a log line in the iRule to verify that the 'if' statement is executing, and then test the redirect line.

     

    when HTTP_REQUEST {
        if { (([HTTP::host] equals "unlumenkul.com") && ([HTTP::uri] equals "/")) } {
            log local0. "\[HTTP::host\]: [HTTP::host]"
            HTTP::redirect "https://www.unlumenkul.com/";
        }
    }

     

    With this you should be able to verify that the if statement executes. If you don't see a log entry, it means the 'if' doesn't execute. You can move the log code above the 'if' statement to see what the hostname is.
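
The ordering described in the reply about the SSL handshake, as an added example that is not part of the original thread: a Python sketch of how a client checks the requested host name against the certificate's SAN entries before any HTTP redirect can be processed. The SAN lists are constructed for illustration and the function names are hypothetical; it also shows that a wildcard entry would not cover the bare domain.

```python
# Added example: constructed SAN lists, not the customer's real certificate.

def san_matches(pattern: str, hostname: str) -> bool:
    """Match one SAN dNSName against a hostname (RFC 6125 style).

    A wildcard is honoured only as the entire left-most label and
    stands for exactly one label, so "*.example.com" covers
    "www.example.com" but not the bare "example.com".
    """
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = hostname.lower().rstrip(".").split(".")
    if len(p_labels) != len(h_labels):
        return False
    if p_labels[0] == "*":
        # Require at least two fixed labels after the wildcard ("*.com" is rejected).
        return len(p_labels) >= 3 and p_labels[1:] == h_labels[1:]
    return p_labels == h_labels


def cert_covers(san_list, hostname):
    """True if any SAN entry is valid for the hostname the client requested."""
    return any(san_matches(p, hostname) for p in san_list)


def handshake_then_redirect(san_list, requested_host):
    """Model the order of events on the HTTPS virtual server.

    The certificate check happens during the TLS handshake; HTTP_REQUEST
    (and any redirect in it) is reached only after that check.
    The iRule's URI condition is omitted here for brevity.
    """
    if not cert_covers(san_list, requested_host):
        return "certificate error"
    if requested_host == "unlumenkul.com":
        return "redirect to https://www.unlumenkul.com/"
    return "serve content"


# Constructed SAN lists for illustration.
WWW_ONLY = ["www.unlumenkul.com", "www.example.net"]
WILDCARD = ["*.unlumenkul.com"]
FIXED = ["unlumenkul.com", "www.unlumenkul.com"]

if __name__ == "__main__":
    for name, sans in [("www only", WWW_ONLY), ("wildcard", WILDCARD), ("apex + www", FIXED)]:
        print(f"{name:11} -> {handshake_then_redirect(sans, 'unlumenkul.com')}")
```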