Forum Discussion
encryption of sensitive data in configuration
I do know one way to hide sensitive data in an iRule - hide it in the session table, so it lives only in memory and doesn't appear in the config files.
To do this you will need to create a "Control Plane" VIP to update the data. This VIP would be internal-facing, source IP restricted and maybe client cert protected (you wouldn't want just anybody accessing it). It wouldn't have a pool associated - just an iRule
when HTTP_REQUEST {
set key [URI::query [HTTP::uri] "key"]
set value [URI::query [HTTP::uri] "value"]
Set the key value in session table
table set $key $value indefinite
log local0. "Key $key updated by [IP::remote_addr]"
}
Then in other iRules that need to use that data, you would reference [table lookup "blah"], where 'blah' was the value of the 'key' query parameter in the control plane iRule.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com