Let's Encrypt on a Big-IP
Problem this snippet solves: It is now possible to make use of Let's Encrypt certificates and maintain them on the Big-IP. Code : http://wiki.lnxgeek.org/doku.php/howtos:let_s_encrypt_-_how_to_iss...
Published Dec 12, 2015
Version 1.0
Brad_Baker
Cirrus
CirrusWe have a (separate) irule on the http VIP to do a 301 from http -> https. But what I'm seeing is that with the backend servers/nodes down (powered off) the irule for redirection, and the irule for lets encrypt challenge response isn't triggered. (Presumably irules don't get triggered for VIPs that are unhealthy/down) So seems like a chicken/egg dilemma.