SNI Based on IRule
I have a requirement to set SNI based on the incoming context for every subsequent requests by same client to the same back-end server.
I have put the following in SERVERSSL_CLIENTHELLO_SEND but it looks like the event SERVERSSL_CLIENTHELLO_SEND is getting triggered for only first request and not for every subsequent request from same client. Is there any better option available ?
log local0. "SNI : one-dev-443 : $sni" set sni_host $sni set sni_length [string length $sni_host] binary scan $sni_host H* sni_host_hex set server_tls_sni_extension "0000" append server_tls_sni_extension "[format %4.4X [expr { $sni_length + 5 }]]" append server_tls_sni_extension "[format %4.4X [expr { $sni_length + 3 }]]" append server_tls_sni_extension "00" append server_tls_sni_extension "[format %4.4X $sni_length]" SSL::extensions insert [binary format H* "$server_tls_sni_extension$sni_host_hex"]