Multiple Certs, One VIP: TLS Server Name Indication via iRules

An age old question that we’ve seen time and time again in the iRules forums here on DevCentral is “How can I use iRules to manage multiple SSL certs on one VIP"?”. The answer has always historically...
Published Apr 05, 2011
Version 1.0
adn
application delivery
availability
BIG-IP
code
dev
devops
disaster recovery
iRules
management
Joel_Moses's avatar
Joel_Moses
Icon for Nimbostratus rankNimbostratus
Jul 26, 2011
What are the specifics of the VS to which you applied the rule? It sounds like you may have applied it to one that is using passthrough SSL or is speaking a protocol other than SSL/TLS over the established connection.

 

 

Looking at this, I suspect I should modify the rule to ignore negative text strings or be a little more thorough about the pattern matching to avoid this happening in the future. Thanks for letting me know.