Multiple Certs, One VIP: TLS Server Name Indication via iRules

An age old question that we’ve seen time and time again in the iRules forums here on DevCentral is “How can I use iRules to manage multiple SSL certs on one VIP"?”. The answer has always historically...

Updated Aug 28, 2025

Version 2.0

Historic F5 Account

Joined May 12, 2005

View Profile

vinzclortho

Nimbostratus

Sep 15, 2015

We have been advised that when using native SNI on a virtual server, adding or removing a ClientSSL Profile from the virtual will cause all certs on it to be removed and re-added, breaking connections to the VS. Is that the case with this iRule approach, or can that behavior be avoided when using this iRule?

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

Multiple Certs, One VIP: TLS Server Name Indication via iRules

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS