iRule SSL Client

Question

We have an SSL only VIP and have a need to access it from an iRule associated with another VIP.  Normally we just use the virtual or node command to connect to another VIP on the LTM, but that doesn't work because this particular VIP requires SSL. 
&nbsp;  
&nbsp; Is it possible within an iRule to be an SSL Client and connect to an SSL Server?  
&nbsp;  
&nbsp; Thanks, 
&nbsp; -Dan 
&nbsp;

spark_86682 · Answer

You should be able to add a serverssl profile to your vip, and then add some code that looks like: 
&nbsp;  
&nbsp;  
 when SERVER_CONNECTED { 
   if { $need_ssl_only_vip } { 
     SSL::enable 
     virtual ssl_only_vip 
   } else { 
     SSL::disable 
   } 
 } 
  
&nbsp;  
&nbsp; I haven't tried this, but it should work.

colin_walker_12 · Answer

Hoolio has a great example of this in the codeshare - Click here 
&nbsp;  
&nbsp; Colin

dan_19334 · Answer

Thanks, the SERVER_CONNECTED code looks promising I will test that out and report back.  The codeshare one to me looks like it is how to handle this creatively on the receiving end... 
&nbsp;  
&nbsp; -Dan

Forum Discussion

iRule SSL Client

Recent Discussions

How to implement LTM forward proxy client to determine the diversion pool based on the domain name

FTP PASV mode to Extended Passive mode

Oracle JDBC SSL Termination failing on F5

APM for banner and cert

An Irule for Client Ssl Profile that Allows Unassigned TLS Extension Values (17516)

Related Content

iRule based RADIUS Client Stack

Thumbprint of the client ssl certificate

iRule to accept client then SSL cert validation

Client SSL Profile

Client vs Server SSL profile

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS