SSL Traffic help.... ?????

When a URL is accessed, the browser sets the HTTP host header value to the domain in the URL. So if the URL is an IP address, the host header is set to an IP address. When the server (LTM in this case) sends the server cert, the browser checks the cert subject against the domain it made the request to. If the two don't match, the browser generates a mismatched cert warning.

 

 

Here are two example requests using curl which show the different HTTP host header values:

 

 

 

$ curl -v 'http://www.google.co.uk/advanced_search?q=my+query&hl=en'

 

 

* About to connect() to www.google.co.uk port 80 (0)

 

* Trying 66.102.9.105... connected

 

* Connected to www.google.co.uk (66.102.9.105) port 80 (0)

 

> GET /advanced_search?q=my+query&hl=en HTTP/1.1

 

> User-Agent: curl/7.19.6 (i686-pc-cygwin) libcurl/7.19.6 OpenSSL/0.9.8l zlib/1.2.3 libidn/1.16 libssh2/1.2

 

> Host: www.google.co.uk

 

> Accept: */*

 

>

 

 

$ curl -v 'http://66.102.9.105/advanced_search?q=my+query&hl=en'

 

* About to connect() to 66.102.9.105 port 80 (0)

 

* Trying 66.102.9.105... connected

 

* Connected to 66.102.9.105 (66.102.9.105) port 80 (0)

 

> GET /advanced_search?q=my+query&hl=en HTTP/1.1

 

> User-Agent: curl/7.19.6 (i686-pc-cygwin) libcurl/7.19.6 OpenSSL/0.9.8l zlib/1.2.3 libidn/1.16 libssh2/1.2

 

> Host: 66.102.9.105

 

> Accept: */*

 

>

 

 

< HTTP/1.1 200 OK

 

< Content-Type: text/html; charset=ISO-8859-1

 

< Transfer-Encoding: chunked

 

< Cache-Control: private, max-age=0

 

< Date: Fri, 19 Mar 2010 08:08:20 GMT

 

< Expires: -1

 

< Server: gws

 

< Set-Cookie: SS=Q0=bXkgcXVlcnk; path=/search

 

< X-XSS-Protection: 0

 

 

 

 

Aaron