Forum Discussion

Icon for Nimbostratus rank

Nimbostratus

Mar 10, 2014

use irule to give out ssl certs

how do I use an irule to give out certs based on domain name?

application delivery

Kurt_Knochner_5
Mar 10, 2014
Without SNI (server name indication) it's not possible.

See: https://devcentral.f5.com/articles/multiple-certs-one-vip-tls-server-name-indication-via-irules.Ux4dM_l5NUM

Kevin_Stewart
Employee
Mar 10, 2014
Can I assume you mean to present a server certificate in an SSL handshake based on the requested host name? If so, iRule implementations are limited. Your best bet may be:

A single wildcard server certificate

A single SAN server certificate

Multiple Server Name Indicator (SNI) certificates
Kurt_Knochner_5
Cirrus
Mar 10, 2014
Without SNI (server name indication) it's not possible.

See: https://devcentral.f5.com/articles/multiple-certs-one-vip-tls-server-name-indication-via-irules.Ux4dM_l5NUM
drisher_24595
Nimbostratus
Mar 10, 2014
thank you. just found the SNI article. i'll see if it will do the trick.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming