For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

shariq_Hamid_83's avatar
shariq_Hamid_83
Icon for Nimbostratus rankNimbostratus
Jun 29, 2005

Using one ssl for multiple url

I have a ssl for "www.123.com" but I want people typing in "123.com" to be able to redirect to "www.123.com" and should not get ssl warning. How do I create a rule to do this.
application delivery
dev
devops
iRules
v4
Martin_Machacek's avatar
Martin_Machacek
Historic F5 Account
Jul 18, 2005
To avoid the security alert for users typing just 123.com (which all major browsers interpret as http://123.com) you can use:


   rule redir_to_https {
       redirect to "https://www.123.com/%u"
   }
   virtual 1.2.3.4:80 {
      use rule redir_to_https
   }

assuming that DNS name 123.com resolves to address 1.2.3.4.

There is unfortunately no cheaper solution than getting certificate for 123.com that would allow to prevent the certificate name mismatch security alert for users that type "https://123.com". Fortunately users are not very likely to do that.