TLS server_name extension based routing without clientssl profile

Problem this snippet solves: Some configuration requires to not decrypt SSL traffic on F5 appliances to select pool based on HTTP Host header. I found a useful irule and this code keeps the struct...

Updated Jun 06, 2023

Version 2.0

binary

sni

sni without clientssl profile

ssl

TMOS

Stanislas_Piro2

Cumulonimbus

Joined January 04, 2011

View Profile

Brad_Baker

Cirrus

Apr 18, 2024

It appears that the latest version of Google Chrome (version 124) on MacOS has broken the above code. With debugging turned on, we get this when a MacOS client accesses a virtual server with this rule:

No SSL/TLS protocol detected ; connection is rejected (0x0000)

Can anyone else confirm this? Any idea how to fix it? Stanislas_Piro2

TLS server_name extension based routing without clientssl profile

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS