Use iRule to "attach" certficate

I do not have a single cert. And I don't know what is a "subject alternate names".

 

 

What the clients want is to have only one VIP because they say they are running out of IPs.

 

The client wants to use only 1 VIP to distribute all incoming traffic to many servers. So yes, the same browser may access a.b.com, x.y.com or d.e.com ... etc.

 

 

The easiest way (and as you already aptly pointed out), is to have a VIP for each of the host. Then for each host I import the corresponding cert/key and create the corresponding SSL Profile and then associated that profile with the VS created JUST for that host with a distinct IP (A record from DNS) and I am done.

 

 

But they don't want that. They want only one IP (actually, only one URL) and that one host will point to the one IP/VIP, then they expect me to use iRule to route the traffic - which I can do - say, different URI - but ALSO to use the appropiate Cert/key/ssl profile. Of course, their design is faulted - if the browser is going to a.b.com (the single URL) then I can only return a.b.com, not x.y.com. But that is ok, I can tell them what really needs to happen is the client clicks on a.b.com, I took it to a.b.com and return a page that has, for example, x.y.com and when the client clicks that, it is still going to the IP for a.b.com but now they need me to send to x.y.com PLUS the cert/ssl profile for x.y.com. That, the last sentence, is the part I do not find anyway to do. According to your last response, this is not possible.