Forum Discussion

lior's avatar
lior
Icon for Nimbostratus rankNimbostratus
3 years ago

client not support ssl to ssl supported server

Hi all,   I have a condition that I have an application that needs to send api requests. and if it comes from a certen source ip I need to forward it to another pool. I cant do a redirect(302)..c...
application delivery
CA_Valli's avatar
CA_Valli
Icon for MVP rankMVP
3 years ago

You should be able to achieve this with a serverSSL profile on your virtual server. 

If only this very specific traffic needs encryption, you could add an "else" statement with SSL::disable serverside command in addition to serverSSL profile.. something like this

 

when HTTP_REQUEST {
 set nossl 1
 if {[IP::addr [IP::client_addr] equals "10.10.10.10"]} {
  HTTP::header replace Host "xyz"
  pool another_pool-443
  HTTP::uri "abcwq/"
  set nossl 0
 }
}
when SERVER_CONNECTED {
  if {$nossl}{ SSL::disable } 
}

 

lior's avatar
lior
Icon for Nimbostratus rankNimbostratus
3 years ago

I have configure the server ssl profile "serverssl" on the same vip that is configured with the I rule and it didnt work..

with wireshark I still see no ssl

  • CA_Valli's avatar
    CA_Valli
    Icon for MVP rankMVP
    3 years ago

    What is the full setup?