F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

3 Replies

  • Ed_Hammond_2611's avatar
    Ed_Hammond_2611
    Icon for Nimbostratus rankNimbostratus
    Apr 04, 2011
    You can't see the HTTP data when it is encrypted, so you can get there. You must decrypt it. Sorry!
  • DeVon_Jarvis's avatar
    DeVon_Jarvis
    Icon for Altostratus rankAltostratus
    Apr 04, 2011
    You mentioned that you want to redirect BEFORE the SSL handshake occurs. Since the client is requesting an SSL connection, it will not pass any data until this connection is established. So, no, it is not possible to redirect before the SSL handshake, AFAIK.

     

     

    As Ed said, you can terminate the SSL connection using a clinet-side SSL profile. Then in an iRule, you can redirect based in your condition.

     

     

    Hope this helps to direct your efforts!

     

     

    DeVon

     

  • Colin_Walker_12's avatar
    Colin_Walker_12
    Historic F5 Account
    Apr 05, 2011
    This is a pretty classic chicken & egg question we get asked a lot. Maybe we should write this up more clearly/prominently so people can find it more easily?

     

     

    Both above posters are correct, unfortunately. You can't access encrypted data until it's unencrypted on the LTM. It can't be unencrypted (since no traffic passes at all) until the handshake occurs. So you're kind of stuck.

     

     

    Colin