Forum Discussion
HTTPS/HTTP rewrite URL (Wildcard SSL cert)
Hi guys,
I am pretty new to the forum and iRules...
Here's the issue I am having right now.
We are using a Wildcard SSL cert for one of our HTTPS URL (Lets call it https://*.abc.mydomain.com)
My CTO has requested us to implement a redirect rule for this URL. So when our customers try to access
"https://abc.mydomain.com", they will be redirecting to "https://www.abc.mydomain.com".
I used CNAME on the DNS server so whenever people are accessing "https://abc.mydomain.com" will be redirecting to the same web page as "https://www.abc.mydomain.com".
However, the redirecting does not udpate the URL on the browser to the "Redirected" URL...
Therefore, when you go to the URL, you will always get a SSL cert error message. (Since the original URL https://abc.mydomain.com does not match our wildcard ssl cert)
Is there anything I can configure on the BIG-IP to achieve this?
Any help will be great...
Jon
- hoolio
Cirrostratus
Hi Jon, - hoolio
Cirrostratus
Another option would be to point one of the domains to a separate IP address with a validcert for that FQDN. - JMA_46115
Nimbostratus
Hi Aaron, - Kamalpreet_1068
Nimbostratus
Hi Jon, - hoolio
Cirrostratus
The problem with using a single IP address for multiple fully qualified domain names is that LTM needs to complete an SSL handshake with a single SSL cert before being able to decrypt the SSL and inspect or modify the HTTP to determine which FQDN the client requested. If LTM presents a cert which doesn't have the client's requested FQDN, the client will generate a mismatched cert error.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com