Forum Discussion
ekanathdas_2662
Nimbostratus
Nimbostratushttps to https with certificate error
Objective
http://www.xyz.com and https://www.xyz.com should redirect to https://xyz.com
=============
conclusion:
http://www.xyz.com is redirecting to https://xyz.com
but
https://www.xyz.com is redirecting to https://xyz.com with a certificate error:
"ERROR: certificate common name `xyz.com' doesn't match requested host name `www.xyz.com'"
================
Below are the configs on the bigip v4
virtual 192.168.81.200:80 unit 1 {
use rule xyz.com-irule
}
proxy 192.168.86.243:443 unit 1 {
target virtual 127.0.86.243:80
clientssl enable
clientssl key xyz.com.key-NEW.key
clientssl cert xyz.com-new.crt
}
virtual 127.0.86.243:80 unit 1 {
netmask 255.255.255.255
use pool random-xyz-pool
}
pool random-xyz-pool {
member 192.168.62.22:http
member 192.168.63.23:http
}
rule xyz.com-irule {
if (http_host == "www.xyz.com") {
redirect to "xyz.com"
}
else {
redirect to "https://%h/%u"
}
}
Any ideas are welcome, does a certificate with www.xyz.com needs to be deployed?
Thanks
- The_BhattmanIs the certificate you have a wildcard cert? I.E. *.xyz.com
Bhattman 
ekanathdas_2662certificate is for xyz.com.
Any alternates other than creating a new certificate?
Thanks,- The_BhattmanIf you can use www.xyz.com cert on a diferent VIP then .xyz.com then you can get around the problem. The last alternative in my mind is wildcats feet.
I hope this helps,
Bhattman
