Force www to non-www on SSL

Question

Can an F5 redirect a https request before the browser handshakes the cert? Having trouble with this iRule for redirecting https://www.domain2.org/folder. It should redirect to https://domain2.org/folder but it doesn't and just fires a certificate error because we don't have  but domain.org in our Advantage Cert. Other than that everything works prefect.
when HTTP_REQUEST { 
       switch [string tolower [HTTP::host]] {
          "www.domain1.org" -
          "example1.org"
          {
            pool pool_prd_443
          }
          "www.domain2.org"
          {
            HTTP::redirect https://domain2.org[HTTP::uri]
          }
          "domain2.org"
          {
            pool pool_prd_8443
          }
       }
}

f5_digger_13600 · Accepted Answer

Potential solution would be to use SNI (https://devcentral.f5.com/articles/ssl-profiles-part-7-server-name-indication).
&nbsp; As Jie said, SSL negotiation process occurs before HTTP event/process. Therefore whatsoever you need to terminate SSL before you do something with HTTP.&nbsp;
With SNI, you can terminate multiple domain SSL (applying multiple client SSL profiles). After that, by using iRue, you can do whatever you want to do with HTTP.&nbsp;

Forum Discussion

Force www to non-www on SSL

2 Replies

F5 Academy at AppWorld 2026

Aswin MK - November 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

CVE mitigation on F5 XC vs classic F5 WAF

F5 XC 503 upstream_reset_before_response_started{protocol_error}

UCS Encryption Question

BIG-IP VE: 40G Throughput from 4x10G physical NICs

JSON Web Key Set Endpoint

Related Content

Set your Preferred Domain (www or non-www)

Generic irule to redirect www to non-www

Extend visibility - BIG-IP joins forces with CrowdStrike

redirect non www to https+www

SSH Brute Force Protection with SSH Proxy

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS