Forum Discussion
Simon_Poirier_7
Nimbostratus
NimbostratusiRule to have 2 SSL Cert on 1 virtual server
Hi,
I'm trying to get one virtual server to respond with 2 different certificats depending on the domain type by the user
here what I have but it didn't work
when HTTP_REQUEST {
$dom = [HTTP::host]
}
when CLIENT_ACCEPTED {
if { $dom equals "webmail.domainone.com" } {
SSL::profile ucc_webmail.domainone.com
} elseif { $dom equals "webmail.domaintwo.com" } {
SSL::profile ucc_webmail.domaintwo.com
}
}
I would really appreciate any help on that
Thanks
Simon
Peter_72728Simon,
I think at least part of the reason it's not working is that the Client_Accepted event fires before the HTTP_Request event. So, your dom variable hasn't been set when your conditional is executed.
Take a look at this post for more details on the event order.
http://devcentral.f5.com/Tutorials/TechTips/tabid/63/articleType/ArticleView/articleId/344/iRules-Event-Order.aspx
Peter
Michael_YatesHi Simon,
Look at this thread. It is a discussion similar to what you are wanting with some additional considerations and another pointer to and iRule example, but you might be better off with a Multi-SAN SSL Certificate.
http://devcentral.f5.com/Community/GroupDetails/tabid/1082223/asg/50/aft/1178701/showtab/groupforums/Default.aspx
Multiple Certs, One VIP: TLS Server Name Indication via iRules by Colin Walker
http://devcentral.f5.com/Tutorials/TechTips/tabid/63/articleType/ArticleView/articleId/1086451/Multiple-Certs-One-VIP-TLS-Server-Name-Indication-via-iRules.aspx
Hope this helps.