Forum Discussion
Glenn_Ruffus_10
Dec 20, 2007Nimbostratus
Thanks, Aaron.
I now have this iRule in place on the HTTPS virtual server:
when HTTP_REQUEST {
if { not ( [HTTP::host] starts_with "www." ) } {
HTTP::redirect "https://www.[HTTP::host][HTTP::uri]"
}
}
The iRule works *once it is invoked* but it is invoked *after* the SSL handshake occurs. It is an HTTP_REQUEST iRule so the SSL session negotiation happens before the HTTP request is processed. Part of the SSL negotiation involves comparing the requested URL with the URL defined on the cert. So, the security alert comes up based on a mismatch between the requested URL (with no www.) and the URL on the cert (with the www.)
Is there a way to make the above iRule get invoked *before* the SSL negotiation? Doesn't seem like it but I thought that I would ask.
Thanks.
Glenn