Forum Discussion
Joel_Moses
Mar 28, 2011Nimbostratus
TLS Server Name Indication iRule
http://devcentral.f5.com/wiki/default.aspx/iRules/TLS_ServerNameIndication.html
I posted the iRule above for discussion purposes. It decodes the TLS SNI extension field in an SSL/TLS negot...
Joel_Moses
Mar 28, 2011Nimbostratus
Thanks!
I just posted a revision once I realized that there's a really easy way to do pool selection with a second data group list. One datagroup sets the clientSSL profile per hostname, and the other sets the pool per hostname. If it's not in either datagroup, it'll fall through to the default pool or clientSSL profile.
So -- now this will allow you to host multiple sites from multiple pools using multiple certificates, all through a single VIP.
...if browser support for SNI is there, of course. :>
Joel
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects