Content switching with SSL offloading on a single virtual server address
Hi guys
we are planning to implement content-switching and just using one virtual server ip address. This single ip will represent multiple urls with SSL. This is in order for our client to save ip address. Can a single VS handle multiple SSL Certificates and use iRule to determine which one to use? Basically here is the traffic flow
Sample
1. Client -> www.test1.com/xxx -> vs=1.1.1.1 -> iRule1 (policy to check which SSL cert to bind to the URL) -> iRule2 (policy to check which pool to send depending on the url or url parameter) -> iRule3 (policy to check if the client ip address is allowed to access the pool) -> pool_test1
2. Client -> www.test1.com/yyy -> vs=1.1.1.1 -> iRule1 (policy to check which SSL cert to bind to the URL) -> iRule2 (policy to check which pool to send depending on the url or url parameter) -> iRule3 (policy to check if the client ip address is allowed to access the pool) -> pool_test2
3. Client -> www.test2.com/xxx -> vs=1.1.1.1 -> iRule1 (policy to check which SSL cert to bind to the URL) -> iRule2 (policy to check which pool to send depending on the url or url parameter) -> iRule3 (policy to check if the client ip address is allowed to access the pool) -> pool_test3
4. Client -> www.test2.com/yyy -> vs=1.1.1.1 -> iRule1 (policy to check which SSL cert to bind to the URL) -> iRule2 (policy to check which pool to send depending on the url or url parameter) -> iRule3 (policy to check if the client ip address is allowed to access the pool) -> pool_test4
Client is using Citrix and we wanted to replace it with F5.
Many thanks