iRule SSL Client

Question

We have an SSL only VIP and have a need to access it from an iRule associated with another VIP.  Normally we just use the virtual or node command to connect to another VIP on the LTM, but that doesn't work because this particular VIP requires SSL. 
&nbsp;  
&nbsp; Is it possible within an iRule to be an SSL Client and connect to an SSL Server?  
&nbsp;  
&nbsp; Thanks, 
&nbsp; -Dan 
&nbsp;

spark_86682 · Answer

You should be able to add a serverssl profile to your vip, and then add some code that looks like: 
&nbsp;  
&nbsp;  
 when SERVER_CONNECTED { 
   if { $need_ssl_only_vip } { 
     SSL::enable 
     virtual ssl_only_vip 
   } else { 
     SSL::disable 
   } 
 } 
  
&nbsp;  
&nbsp; I haven't tried this, but it should work.

colin_walker_12 · Answer

Hoolio has a great example of this in the codeshare - Click here 
&nbsp;  
&nbsp; Colin

dan_19334 · Answer

Thanks, the SERVER_CONNECTED code looks promising I will test that out and report back.  The codeshare one to me looks like it is how to handle this creatively on the receiving end... 
&nbsp;  
&nbsp; -Dan

Forum Discussion

iRule SSL Client

Recent Discussions

Sync-failover group doesn't sync properly

Outlook for mobile doesn't via APM doesn't work with Modern Authenication

F5OS download backup via API

Problems with ping dropped packets

Using the WAF instead of a jump server for ssh-tunneling?

Related Content

SSL Heartbleed iRule update

SSL Heartbleed server side iRule

Limit Connections From Client

SSL profile

List of client ssl profiles certificate chain