Forum Discussion

Altostratus

Mar 22, 2024

URL rewrite

I'm trying to figure out how to write a policy or iRule that will modify a URL For an example, a number of URLs (url1.mycompany.com, url2.mycompany.com, url3.mycompany.com, etc) point to a virtua...

irule

policy

lnewton
Mar 25, 2024
We finally figured it out. We solved our issues by just re-issuing our SSL cert using as a multi-domain cert which incorporates these new domains.

Enes_Afsin_Al

MVP

Mar 22, 2024

Hi lnewton,

Can you add default stream profile to virtual server and try the iRule?

when HTTP_REQUEST {
	STREAM::disable
	if { ([HTTP::host] ends_with ".mycompany.com") && not ([HTTP::host] ends_with "ce2.mycompany.com") } {
		HTTP::host [string map {"mycompany.com" "ce2.mycompany.com"} [HTTP::host]]
	}
}

when HTTP_RESPONSE {
	STREAM::disable
	if { [HTTP::header Location] contains "ce2.mycompany.com" } {
		HTTP::header replace Location [string map {"ce2.mycompany.com" "mycompany.com"} [HTTP::header Location]]
	}
	
	if { [HTTP::header value Content-Type] contains "text" } {
		STREAM::expression {@ce2.mycompany.com@mycompany.com@}
		STREAM::enable
	}
}

lnewton
Altostratus
Mar 25, 2024
I'm sorry for being really new at all this, but I'm not sure what you mean by adding a default stream profile.

I'm starting to wonder if I'm going the wrong way about what we are trying to achieve. Here's what is going on:

We have a webserver that will receive requests for multiple domain names (site1.mycompany.com, site2.mycompany.com, site3.mycompany.com, etc...), each of these sites will also respond to the following (site1.ce2.mycompany.com, site2.ce2.mycompany.com, site3.ce2.mycompany.com, etc...). In fact, ultimately we want traffic coming to site1.mycompany.com to go to site1.ce2.mycompany.com. We don't want to have the end user use ce2, but we want to add that for some backend processing that needs to happen.

The problem is the SSL certificates. We have an SSL cert for both *.mycompany.com and *.ce2.mycompany.com but we can only assign one of these certs to the virtual server, so if we assign *.ce2.byu.edu to the iApp traffic to site1.ce2.mycompany.com works just fine, however, traffic to site1.mycompany.com gets a certificate error. And of course, if we switch to the *.mycompany.com cert the opposite problem happens.

Is what we really need is to be able to combine the two certs so that SSL will work for both *.mycompany.com and *.ce2.mycompany.com. We basically need a *.*.mycompany.com cert.

Are you aware of a good way to do that?
lnewton
Altostratus
Mar 25, 2024
I did find the default stream profile and added it to the virtual server and then was able to add the iRule, but it didn't seem to work... Assuming that I did it correctly.
lnewton
Altostratus
Mar 25, 2024
We finally figured it out. We solved our issues by just re-issuing our SSL cert using as a multi-domain cert which incorporates these new domains.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

URL rewrite

Recent Discussions

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

Switch ssl profile based on weak cipher detection via IRULE

full-proxy HTTP2

Decode ObjectSID from Base64-encode string

Related Content

F5 ADC - url rewrite redirect with parsing

URL Rewrite

URL Rewrite/ProxyPass Functionality

URL/URI rewrite without changing in Client browser

URL Rewrite?

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS