cancel
Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.

Rewrite URL in header and add URI

Bartek
Cirrus
Cirrus

Hi,

I have this to achieve, and I'm getting a bit lost:

So the client hits a VIP on port 443, SSL is offloaded with a CA certificate (abc.com), and traffic is re encrypted and sent to pool member on port 8044, which has a certificate for xyz.com/some_uri. So I need an iRule to:

1) Change URL in header from abc.com to xyz.com

2) Add /some_uri at the end of URL

Is that even possible? I mean the iRules should affect the incoming traffic after it's being decrypted, right? If so, how to design those iRules (it's not a redirect, isn't it?)

 

I was thinking of something like this, but I'm not sure this will do the trick:

when HTTP_REQUEST {

HTTP::header replace Host xyz.com

HTTP::uri /some_uri

}

 

Also, the client comes with it's own certificate, which than has to be passed to the pool member to authenticate (not on the F5, the authentication has to be made on the real server). Is it enough to check the Proxy SSL checkbox in the profile?

1 REPLY 1

James_Thomson
F5 Employee
F5 Employee

You should be able to do what you want with an LTM policy I believe.

https://devcentral.f5.com/s/articles/ltm-policy

You'll end up replacing the http-host and http-uri

 

Some examples here

https://somoit.net/f5-big-ip/name-based-reverse-proxy-ltm-policies

https://www.youtube.com/watch?v=-iLzxfKbl5A