on 12-Sep-2016 04:39
Problem this snippet solves:
Hi Folks,
the iRule below can be used to relay client side provided TLS SNI extensions to the server side. The iRule is usefull if your pool servers depending on matching SNI records and you don't want to configure dedicated Server SSL Profiles for each single web application.
Cheers, Kai
How to use this snippet:
Code :
when CLIENTSSL_HANDSHAKE { if { [SSL::extensions exists -type 0] } then { set tls_sni_extension [SSL::extensions -type 0] } else { set tls_sni_extension "" } } when SERVERSSL_CLIENTHELLO_SEND { if { $tls_sni_extension ne "" } then { SSL::extensions insert $tls_sni_extension } }
Tested this on version:
12.0