Hi!
I have a site that I'm load balancing using an ACE 4710. The FQDN of this site is mysite.mydomain.net.
My users only connect via SSL. However, while most use the FQDN of https://mysite.mydomain.net/, some insist on using https://mysite/. Both of these names point to the same vip of 10.10.10.100.
I have two SSL proxies for termination set up in my ACE context. One has a cert associated with it for the FQDN, while the other has a cert for the "mysite" name.
My problem is that you define the SSL proxy SERVER in the multi-match class rules. However, I don't think that using a layer-7 class map is possible here, so I can't match on header just for the hostname. How can I define a different SSL proxy SERVER so that connections to https://mysite/ are terminated with the correct cert, while connections to https://mysite.mydomain.net/ are terminated on a different server with the correct cert?
Thanks for the help.