Http-request redirect and ACL

Hi,

I would like to add conditional https rewrite to my configuration.

Is there a way to “reconcile” these two things ?

acl acl_tst hdr(host) test-site.domain.com
http-request add-header X-Forwarded-Proto https if { ssl_fc }

WORKING

http-request redirect scheme https if !{ hdr(Host) -i test-site.domain.com } !{ ssl_fc }

#SYNTAX ERROR
http-request redirect scheme https if !{ acl_tst } !{ ssl_fc }

I would like to declare the ACL once and use it everywhere, but is it only possible ?

Regards

http-request redirect scheme https if ! acl_tst  !{ ssl_fc }

Damn, so easy !
Thank you very much

Reason is: you can reference an ACL directly just by name ( if acl_test ). However when you don’t have an named ACL, but want to directly match something, you use anonymous ACL’s, which you open and close with the { } signs ( if { hdr(host) test-site.domain.com } ). That’s the difference.

Thanks for this great explanation.

So { } is for a fetch, and “ssl_fc” is one, as is “hdr(host) test-site.domain.com
but nothing is required for a named ACL.

Could be a fetch, but really any ACL expression you’d otherwise use in the named ACL.