Multiple Certs, One VIP: TLS Server Name Indication via iRules

An age old question that we’ve seen time and time again in the iRules forums here on DevCentral is “How can I use iRules to manage multiple SSL certs on one VIP"?”. The answer has always historically...
Published Apr 05, 2011
Version 1.0
adn
application delivery
availability
BIG-IP
code
dev
devops
disaster recovery
iRules
management
hooleylist's avatar
hooleylist
Icon for Cirrostratus rankCirrostratus
Aug 30, 2012
Also, in 11.1 and higher, there is native support for TLS SNI so you don't need to use an iRule:

 

 

http://support.f5.com/kb/en-us/products/big-ip_ltm/releasenotes/product/relnote-ltm-11-1-0.htmlrn_new

 

 

Transport Layer Security Server Name Indication

 

 

This release supports Transport Layer Security (TLS) Server Name Indication (SNI) in the SSL Stack.

 

 

Aaron