Forum Discussion
lnewton
Altostratus
AltostratusURL rewrite
I'm trying to figure out how to write a policy or iRule that will modify a URL
For an example, a number of URLs (url1.mycompany.com, url2.mycompany.com, url3.mycompany.com, etc) point to a virtual server on our F5. I would like to create an iRule or Policy that will modify or rewrite the URL before routing the traffic to the nodes in the Pool to be (url1.ce2.mycompany.com, url2.ce2.mycompany.com, url3.ce2.mycompany.com, etc).
In other words I need an iRule or policy that rewrites *.mycompany.com to *.ce2.mycompany.com
We finally figured it out. We solved our issues by just re-issuing our SSL cert using as a multi-domain cert which incorporates these new domains.
Hi lnewton,
Can you add default stream profile to virtual server and try the iRule?
when HTTP_REQUEST { STREAM::disable if { ([HTTP::host] ends_with ".mycompany.com") && not ([HTTP::host] ends_with "ce2.mycompany.com") } { HTTP::host [string map {"mycompany.com" "ce2.mycompany.com"} [HTTP::host]] } } when HTTP_RESPONSE { STREAM::disable if { [HTTP::header Location] contains "ce2.mycompany.com" } { HTTP::header replace Location [string map {"ce2.mycompany.com" "mycompany.com"} [HTTP::header Location]] } if { [HTTP::header value Content-Type] contains "text" } { STREAM::expression {@ce2.mycompany.com@mycompany.com@} STREAM::enable } }
lnewtonI'm sorry for being really new at all this, but I'm not sure what you mean by adding a default stream profile.
I'm starting to wonder if I'm going the wrong way about what we are trying to achieve. Here's what is going on:
We have a webserver that will receive requests for multiple domain names (site1.mycompany.com, site2.mycompany.com, site3.mycompany.com, etc...), each of these sites will also respond to the following (site1.ce2.mycompany.com, site2.ce2.mycompany.com, site3.ce2.mycompany.com, etc...). In fact, ultimately we want traffic coming to site1.mycompany.com to go to site1.ce2.mycompany.com. We don't want to have the end user use ce2, but we want to add that for some backend processing that needs to happen.The problem is the SSL certificates. We have an SSL cert for both *.mycompany.com and *.ce2.mycompany.com but we can only assign one of these certs to the virtual server, so if we assign *.ce2.byu.edu to the iApp traffic to site1.ce2.mycompany.com works just fine, however, traffic to site1.mycompany.com gets a certificate error. And of course, if we switch to the *.mycompany.com cert the opposite problem happens.
Is what we really need is to be able to combine the two certs so that SSL will work for both *.mycompany.com and *.ce2.mycompany.com. We basically need a *.*.mycompany.com cert.
Are you aware of a good way to do that?- lnewton
I did find the default stream profile and added it to the virtual server and then was able to add the iRule, but it didn't seem to work... Assuming that I did it correctly.
- lnewton
We finally figured it out. We solved our issues by just re-issuing our SSL cert using as a multi-domain cert which incorporates these new domains.
- Nikoolayy1
MVP
Outside of Enes_Afsin_Al suggestion about STREAM irule that has been used many times F5 LTM has rewrite profiles and which is better depends on the use case and personal preferences. Having 2 or more options for the same thing is what BIG-IP is best at !
