Forum Discussion

Kevin_Pruett_73's avatar
Kevin_Pruett_73
Icon for Nimbostratus rankNimbostratus
Dec 31, 2012

ssl::ciper iRule, working.....kinda......

We have deployed an iRule using the SSL:cipher keyword and are getting mixed results. The scenario is as follows:   We are supporting a vendor software that is sending both ssl encrypted and unen...
application delivery
dev
devops
iRules
hoolio's avatar
hoolio
Icon for Cirrostratus rankCirrostratus
Dec 31, 2012

The app shouldn't receive a request which the iRule is redirecting, so I'm not sure where the double port is coming from.

Can you enable logging, retest and reply with the sanitized logs from /var/log/ltm?

Also, which LTM version are you running?


when HTTP_REQUEST {

    Check if the client used an SSL cipher
   if {not ([catch {SSL::cipher version} result]) && [string tolower $result] ne "none"}{

       Client did use a cipher
      log local0. "\$result: $result. Allowing encrypted request to [HTTP::host][HTTP::uri]"
 
   } else {

       Client did not use a cipher
      log local0. "\$result: $result. Redirecting unencrypted request to https://[HTTP::host]:1234[HTTP::uri]"
      HTTP::redirect "https://[HTTP::host]:1234[HTTP::uri]"
   }
}

Aaron