Multiple Certs, One VIP: TLS Server Name Indication via iRules

An age old question that we’ve seen time and time again in the iRules forums here on DevCentral is “How can I use iRules to manage multiple SSL certs on one VIP"?”. The answer has always historically...

Updated Aug 28, 2025

Version 2.0

Historic F5 Account

Joined May 12, 2005

View Profile

Joel_Moses

Nimbostratus

Jul 26, 2011

What are the specifics of the VS to which you applied the rule? It sounds like you may have applied it to one that is using passthrough SSL or is speaking a protocol other than SSL/TLS over the established connection.

Looking at this, I suspect I should modify the rule to ignore negative text strings or be a little more thorough about the pattern matching to avoid this happening in the future. Thanks for letting me know.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

Multiple Certs, One VIP: TLS Server Name Indication via iRules

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS