Forum Discussion

Nimbostratus

Jul 07, 2010

Decrypting stunnel traffic with irule

Hi, I am trying to decrypt stunnel traffic with a specific certificate and sent the decrypted traffic to a pool. I am using version 9.4.8. Of course I want to use to be able to use hardware ssl d...

Cirrostratus

Jul 08, 2010

If you define the test clients in a datagroup and add a client SSL profile to the virtual server, you could use an iRule like this to decrypt only their requests and select the correct pool:

when CLIENT_ACCEPTED {

    Check if client is a test IP (defined in testers_class)
   if {[matchclass [IP::client_addr] equals testers_class]}{

       Specify a non-SSL pool
      pool non_ssl_pool

   } else {

       Disable the client SSL profile
      SSL::disable

       Specify an SSL pool
      pool ssl_pool

   }
}

Aaron

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)