Forum Discussion

Willy's avatar
Willy
Icon for Nimbostratus rankNimbostratus
Mar 18, 2015

Rewrite HTTPS requests

I have little experience with iRules en am now confronted with the next issue. We would like to keep a public url in place but use the pool from another public pool. This all runs in https. Meaning c...
application delivery
deployment
devops
iRules
LTM
StephanManthey's avatar
StephanManthey
Icon for Nacreous rankNacreous
Mar 18, 2015

Hi Willy,

if the client connects to "www.first.com" it expects a server certificate with this common name.

This will be as well the value of the host header the client sends.

You can use the command "HTTP::header replace" to replace the host header on the fly to make sure your server receive the expected one: 
HTTP::header replace Host "www.second.com"

It will be possible as well to use the "HTTP::uri" command to replace the URI on the fly.

If your servers response will contain references to "www.second.com" it will be necessary to rewrite them or leave them as they are.

From my perspective there is no need to renegotiate the SSL-connection.

In case your client will now send requests for "www.second.com" you can use a second virtual server with another client-ssl profile or in case your clients can use SNI (server name indication) a second client-ssl profile on your virtual server will provide the expected server certificate if the client initiates a new SSL-connection.

Thanks, Stephan