Forum Discussion

Mike757's avatar
Feb 11, 2023
Solved

behavior of SSL::disable serverside

Hello! I've configured an https virtual server, with an associated iRule that chooses the server pool according to the URI. The only unusual thing is that some of the pools have SSL servers and o...
  • xuwen's avatar
    Feb 11, 2023

    Better give the config of list ltm virtual xxx and serverside tcpdump to watch whether F5 send clienthello to this pool member

    modify this iRules to test:

     

     

    when HTTP_REQUEST {
      set usessl 0
      switch -glob [string tolower [HTTP::uri]] {
        "/path1/*" {
            set usessl 1
            pool POOL-path1
            persist cookie insert cookie1
        }
        "/path2/*" {
            set usessl 1
            pool POOL-path2
            persist cookie insert cookie2
        }
        "/path3/*" {
            set usessl 0
            # SSL::disable serverside
            pool POOL-path3
        }
        default {
         set usessl 1
        }
     }
    }
    when SERVER_CONNECTED {
      log local0. "usessl value is $usessl"
      if { $usessl == 0 } {
        SSL::disable
      }
    }