iRules for SSL certificates
Hi everybody,
We have a client who is hosting three FQDN's on same web server. In order to deliver correct SSL certificates based on the server name, we have configured SNI, with three different profiles. Configuration is done per this article:
https://support.f5.com/csp/article/K13452
and we used iRule from the same article:
when HTTP_REQUEST {
set hostname [getfield [HTTP::host] ":" 1]
}
when SERVER_CONNECTED {
switch -glob [string tolower $hostname] {
"siteA.com" {
SSL::profile serverssl-siteA
}
"siteB.com" {
SSL::profile serverssl-siteB
}
"sitec.com" {
SSL::profile serverssl-siteC
}
default {
#default serversssl profile to be selected if Host header value cannot be matched with predefined values
SSL::profile serverssl
}
}
}
Everything is working as it should. But we have additional request:
- siteB should require two way SSL authentication when accessed via siteB/admin/ URL
Could someone advise us regarding iRule that would offer this functionality?
Thanks in advance,
Ivan