For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Icon for Nimbostratus rank

Nimbostratus

Mar 10, 2014

Solved

use irule to give out ssl certs

how do I use an irule to give out certs based on domain name?

application delivery

Kurt_Knochner_5
Mar 10, 2014
Without SNI (server name indication) it's not possible.

See: https://devcentral.f5.com/articles/multiple-certs-one-vip-tls-server-name-indication-via-irules.Ux4dM_l5NUM

3 Replies

Kevin_Stewart
Employee
Mar 10, 2014
Can I assume you mean to present a server certificate in an SSL handshake based on the requested host name? If so, iRule implementations are limited. Your best bet may be:

A single wildcard server certificate

A single SAN server certificate

Multiple Server Name Indicator (SNI) certificates
Kurt_Knochner_5
Cirrus
Mar 10, 2014
Without SNI (server name indication) it's not possible.

See: https://devcentral.f5.com/articles/multiple-certs-one-vip-tls-server-name-indication-via-irules.Ux4dM_l5NUM
drisher_24595
Nimbostratus
Mar 10, 2014
thank you. just found the SNI article. i'll see if it will do the trick.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5