SSL profile based on Host field .. Is it possible ?

Hi,

 

 

I believe it's not possible as F5 should decrypt the HTTPS traffic in order to find out which HOST in the http header.

 

 

So, if I have two sub-domains as following, and both of them are terminated on the same VIP.

 

 

www.abc.com

 

xxx.abc.com

 

 

and the current/default SSL client profile for this VS is for "www.abc.com" as a Common Name. Server team said that with this certificate the second sub-domain won't work and it should has it's own certificate.

 

 

My question is, is it possible to generate a CSR file with "*.abc.com" as a Common Name, get the certificate from CA, and have both sub-domains working fine. if not, what could be the solution ?

 

 

Thanks in advance for your support.

 

 

 

BR,

 

Abdul