Forum Discussion
hooleylist
Oct 13, 2006Cirrostratus
It looks like that is correct. I think the logic is: if you're just passing the SSL traffic through the BIG-IP, BIG-IP never sees the SSL handshake--and therefore you can't access the SSL cert info or use SSL-based iRule commands. I'm not sure whether the client SSL cipher version info is snoop-able in between the client and the server, but I'm pretty sure BIG-IP isn't looking for it (if it is visible) anyhow.
Regardless, you need to decrypt the HTTPS traffic in order to send an HTTP redirect back to the client.
Aaron