Help writing an Irule for port 636

Question

When I connect from my computer using openssl to Vip1(Pool1), I want it to be redirect to VIP2(Pool2) and get the a different certificate from VIP2 , it presents the certificate for VIP1. I am using a data group, but it only has my computer's IP in the list. I created ssl profiles for both VIP, Hopefully I clearly described it.
when CLIENT_ACCEPTED {
    if { [class match [IP::client_addr] equals Excempt_TLS_wabbit] } {
        SSL::profile "cert-ovd_clientssl"
        pool "IAM_OVD_WeblogicServer_7501"}
}

kevin_stewart · Answer

You normally have to do a little extra work to change the client SSL profile. Try this:
when CLIENT_ACCEPTED {
    if { [class match [IP::client_addr] equals Excempt_TLS_wabbit] } {
        set sslprof "SSL::profile cert-ovd_clientssl"
        eval ${sslprof}
        pool "IAM_OVD_WeblogicServer_7501"
    }
}

Forum Discussion

Help writing an Irule for port 636

Recent Discussions

Diameter iRules attachment?

Source IP F5 DNS Zone Forwarder

F5 BIG-IP

BIG-IP Oauth Client and AS

How to Renew F5 Device Certificate

Related Content

Hey DeepSeek, can you write iRules?

Hey ChatGPT, can you write iRules?

Cyberattacks On Embassies, Threat Actor Using ChatGPT To Write Malware, and MMS Vulnerabilities

Use iRules LX to write to the file system

ThinkPHP 6.0.0 - 6.0.1 Arbitrary File Write Vulnerability

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS