Was this article helpful?
Hi kgaigl,
the iRule uses the
HTTP_REQUEST
event to extract the HOST-header value of the client requested ressource. This value is then used as Server_SSL SNI-Value.
If the client requests https://www.domain.com/ the Server_SSL SNI-Value will become If the client requests https://ww2.domain.com/ the Server_SSL SNI-Value will become ww2.domain.com
Note: You may use whatever logic during the
event you like to decide which SNI-Value should be used to negotiate the Server Side SSL connection.HTTP_REQUEST
Important: To make this iRule work you have to make sure that you dont specify a SNI-Value in your Server_SSL_Profile. This will allow the iRule to simply inject the SNI-Value without clearing existing values (aka. clearing existing values is not supported). If you set the "Server Name" option in your Server_SSL_Profile, the SSL negotiation will most likely fail...
Cheers, Kai