Multiple Certs, One VIP: TLS Server Name Indication via iRules

An age old question that we’ve seen time and time again in the iRules forums here on DevCentral is “How can I use iRules to manage multiple SSL certs on one VIP"?”. The answer has always historically...
Updated Aug 28, 2025
Version 2.0
adn
application delivery
availability
BIG-IP
code
dev
devops
disaster recovery
iRules
management
hoolio's avatar
hoolio
Icon for Cirrostratus rankCirrostratus
Aug 30, 2012
Also, in 11.1 and higher, there is native support for TLS SNI so you don't need to use an iRule:

 

 

http://support.f5.com/kb/en-us/products/big-ip_ltm/releasenotes/product/relnote-ltm-11-1-0.htmlrn_new

 

 

Transport Layer Security Server Name Indication

 

 

This release supports Transport Layer Security (TLS) Server Name Indication (SNI) in the SSL Stack.

 

 

Aaron