redirection for SSL without cert HELP

Question

If I have a virtual interface configured for TCP 443 and I have a redirection iRule to a correct good URL:&nbsp;
&nbsp;when HTTP_REQUEST {
&nbsp;      HTTP::redirect "https://www.mysite.com"
&nbsp;   }&nbsp;
&nbsp;and I type of the https://ip address of the virutal interface, will I get the "Not a valid ssl site" message before the redirection occurs?

hoolio · Answer

When you make a request to an HTTPS web server and the server responds with a certificate, the browser compares the subject of the cert with the host name it made the request to.  If they don't match, and the browser isn't configured to ignore cert mismatch errors, the browser will generate a cert mismatch error.  As you're making a request by IP address, the cert subject won't match and you'll get the browser warning.&nbsp;
&nbsp;If you make a request which matches the cert's subject, do you still get a warning?  Are clients requesting host names which don't match the cert's subject?  If so, take a look at this post (Click here) for some additional info.&nbsp;
&nbsp;Aaron

Forum Discussion

redirection for SSL without cert HELP

Recent Discussions

How to implement LTM forward proxy client to determine the diversion pool based on the domain name

FTP PASV mode to Extended Passive mode

Oracle JDBC SSL Termination failing on F5

APM for banner and cert

An Irule for Client Ssl Profile that Allows Unassigned TLS Extension Values (17516)

Related Content

Integrating Hashicorp Vault with Cert Manager and F5 NGINX Ingress Controller

Use Kubernetes Cert-Manager to Maintain Let's Encrypt Certificates

SSL-Cert

(HTTP) Redirection via Arbitrary Host Header

SSL Cert expiration Tracker

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS