F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Matthieu_Dieri1's avatar
Matthieu_Dieri1
Historic F5 Account
Jan 08, 2014

Disable SSL server profile with CPM policy

Hi friends,

 

I'm trying to disable SSL server profile on a VS with CPM policy. But unfortunately, I'm not able to make it works. My policy is very simple : - if host = secure.internal.com --> use server SSL profile and forward to secure WEB pool - if host = unsecure.internal.com --> do not use server SSL profile and forward to unsecure web pool

 

On my VS, Server SSL profile is set. So, the first rule works. But the second does not, SSL server profile is not disable. Have a look on my policy. I don't know if the action "server-ssl disable" works on CPM because I can not set any parameter on this action.

 

 

application delivery
deployment
devops
iRules

2 Replies

  • Matt_Dierick's avatar
    Matt_Dierick
    Icon for Employee rankEmployee
    Jan 08, 2014

    The workaround is to use this irule, but I would like to make it works with CPM :

    when HTTP_REQUEST {
if { [HTTP::host] equals "unsecure.internal.com"}{
SSL::disable serverside
} else {
SSL::enable serverside
}
}
  • Matt_Dierick's avatar
    Matt_Dierick
    Icon for Employee rankEmployee
    Jan 08, 2014

    Hi Kevin,

     

    Thanks for your analyse. I could have done tcpdump to check that ;-) I'm gonna raise a case and use the irule in the meantime.

     

    Do you know who is the first player between CPM and iRule when both of them use HTTP_REQUEST ?

     

    Take care Matt