Forum Discussion
URL rewrite
- Mar 25, 2024
We finally figured it out. We solved our issues by just re-issuing our SSL cert using as a multi-domain cert which incorporates these new domains.
Hi lnewton,
Can you add default stream profile to virtual server and try the iRule?
when HTTP_REQUEST {
STREAM::disable
if { ([HTTP::host] ends_with ".mycompany.com") && not ([HTTP::host] ends_with "ce2.mycompany.com") } {
HTTP::host [string map {"mycompany.com" "ce2.mycompany.com"} [HTTP::host]]
}
}
when HTTP_RESPONSE {
STREAM::disable
if { [HTTP::header Location] contains "ce2.mycompany.com" } {
HTTP::header replace Location [string map {"ce2.mycompany.com" "mycompany.com"} [HTTP::header Location]]
}
if { [HTTP::header value Content-Type] contains "text" } {
STREAM::expression {@ce2.mycompany.com@mycompany.com@}
STREAM::enable
}
}
I'm sorry for being really new at all this, but I'm not sure what you mean by adding a default stream profile.
I'm starting to wonder if I'm going the wrong way about what we are trying to achieve. Here's what is going on:
We have a webserver that will receive requests for multiple domain names (site1.mycompany.com, site2.mycompany.com, site3.mycompany.com, etc...), each of these sites will also respond to the following (site1.ce2.mycompany.com, site2.ce2.mycompany.com, site3.ce2.mycompany.com, etc...). In fact, ultimately we want traffic coming to site1.mycompany.com to go to site1.ce2.mycompany.com. We don't want to have the end user use ce2, but we want to add that for some backend processing that needs to happen.
The problem is the SSL certificates. We have an SSL cert for both *.mycompany.com and *.ce2.mycompany.com but we can only assign one of these certs to the virtual server, so if we assign *.ce2.byu.edu to the iApp traffic to site1.ce2.mycompany.com works just fine, however, traffic to site1.mycompany.com gets a certificate error. And of course, if we switch to the *.mycompany.com cert the opposite problem happens.
Is what we really need is to be able to combine the two certs so that SSL will work for both *.mycompany.com and *.ce2.mycompany.com. We basically need a *.*.mycompany.com cert.
Are you aware of a good way to do that?
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com