Forum Discussion

Harold_Deadman_'s avatar
Harold_Deadman_
Icon for Nimbostratus rankNimbostratus
Sep 28, 2011

what is appropriate way to use SSL::disable serverside/ SSL::enable serverside

We have a requirement to encrypt server-side traffic between the F5 and our SSO web application (CAS) because passwords are transmitted. Our F5 VIP has several different applications behind it on seve...
application delivery
dev
devops
iRules
Remco's avatar
Remco
Icon for Nimbostratus rankNimbostratus
Feb 15, 2012
Hi,

I am trying to setup our test environment but both the suggested SERVER_CONNECTED irule event does not work.

rule: 


when SERVER_CONNECTED { if { not ( [LB::server pool] eq Target.Pool.Name.For.SSL.Enable) } { SSL::disable } }

Gives the following error:

01070151:3: Rule [test] error: line 2: [parse error: PARSE syntax 63 {syntax error in expression " not ( [LB::server pool] eq Target.Pool.Name.For.SSL.Enable)...": variable references require preceding $}] [{ not ( [LB::server pool] eq Target.Pool.Name.For.SSL.Enable) }]

and rule 


when CLIENT_ACCEPTED { 
    SSL::disable serverside } 
when HTTP_REQUEST {
} 
when SERVER_CONNECTED {
 if { ([string tolower [LB::server pool]] eq Target.Pool.Name.For.SSL.Enable) }{ 
        SSL::enable serverside } 
  else { 
      SSL::disable serverside }
}

gives error:

01070151:3: Rule [test] error: line 7: [parse error: PARSE syntax 153 {syntax error in expression " ([string tolower [LB::server pool]] eq Target.Pool.Name.For...": variable references require preceding $}] [{ ([string tolower [LB::server pool]] eq Target.Pool.Name.For.SSL.Enable) }]

According to the wiki:

http://devcentral.f5.com/wiki/irules.LB__server.ashx

is LB::server not supported in the SERVER_CONNECTED event.