ABAP webdynpro in EP url are HTTP vs. HTTPs - popup errors - need to adapt F5 config

Question

We've been live with F5 load balancing our SAP EP java traffic for 3 years now - &nbsp;
&nbsp;We introduced ABAP web dynpro to our customer EP and they now receive pop-ups; HTTP watch trace files show that the themes url built are HTTP vs. HTTPS.  With that said, we've gotten recommendation from SAP to change our "Ports" and "ProxyMappings" configuration settings thru Visual administrator in the Dispatcher for the HTTP provider.  &nbsp;
&nbsp;We need to 
&nbsp;1) Configure the Ports parameter in the following way: 
&nbsp;(Port:54100,Type:http)(Port:54101,Type:ssl)(Port:54102,Type:http) &nbsp;
&nbsp;2) Configure the ProxyMappings in the following way: 
&nbsp;54100=(Host:hostname.com,Port:80,Scheme:http, Override:true),54101=(Host:hostname.com,Port:443, Scheme:http,Override:true),54102=(Host:hostname.com, Port:443,Override:true) &nbsp;
&nbsp;With this configuration, all the HTTP requests sent to port 54102 will be mapped on the Java dispatcher to the proxy server's host (hostname.com) and HTTPS port (443).&nbsp;
&nbsp;OK - so being a Basis admin techie --- we KNOW how and what to do on the SAP/EP side to make these changes - GOT IT&nbsp;
&nbsp;SAP has said "you need to adapt the F5 configuration" -- this is where we fall short and do not have the skill set to define what / how needs to be done to our F5 configuration; we've always contracted out our F5 configuration which to date has been basic enough that it didn't warrant a resource with both SAP and F5 skills&nbsp;&nbsp;
&nbsp;Any F5 / SAP guru's out there willing to talk this thru with us and perhaps get us to where we need to go?&nbsp;
&nbsp;Thank you in advance
&nbsp;Doreen

nojan_moshiri_4 · Answer

Hi Doreen, that's an interesting scenario but it seems pretty straightforward to me, but more detail is needed about the user traffic flow into the ABAP web dynpro.  For example, what URL will they be using versus the EP Traffic.&nbsp;&nbsp;It's more than likely that you just need a basic config with a new Virtual Server, a new Pool and some new monitors.&nbsp;&nbsp;&nbsp;Have you checked the portal deployment guide, you can likely adapt that guide to make a configuration for WebDynPro.&nbsp;&nbsp;&nbsp;SAP NetWeaver and Enterprise SOA: Enterprise Portal (BIG-IP v10 system)&nbsp;&nbsp;&nbsp;

danderson_19405 · Answer

We've finally determined that the bad (HTTP vs HTTPS) url's are contained within web pages vs. header.  SAP logic is definitely generating absolute url's and that's the root cause.&nbsp;
&nbsp;SAP has recommended that we switch our protocol to be all HTTPS vs. HTTPS to the client and HTTP internally within our network.  We don't want to do that as there isn't any reason that we need to run HTTPS internally.&nbsp;
&nbsp;Found a wonderful F5 resource who took the time to analyze the traffic and find all of the "where and when" url's were absolute.  Then built configuration within the F5 configuration to look for specific patterns and when found change to HTTPS&nbsp;
&nbsp;We are quite surprised that this is not spoken of often within BLOGS / FORUMS ETC. as to date, we hadn't been able to find anyone else reporting of the same issue and responses to their solutions.&nbsp;
&nbsp;Thank you 
&nbsp;Doreen

nojan_moshiri_4 · Answer

Doreen, thank you for taking the time to post it back.  Did you end up using a stream profile on the BIG-IP to make these changes? 
&nbsp;  
&nbsp; I find a lot of variety in SAP deployments, and not everyone sets up the landscapes the same way, so it's not surprising that there wasn't a ready answer. 
&nbsp;  
&nbsp; If you'd like to share your configuration with me, I could write a blog post to save people time and effort on this in the future, and I'd be happy to credit you and your F5 resources. 
&nbsp;  
&nbsp; You can reach me at n dot moshiri at f5 dot com 
&nbsp;  
&nbsp; Thanks for sharing this experience.

Forum Discussion

AppWorld Berlin 2026 – iRules Contest Winning Results

One Quick Step to Make your website AI-Agent/MCP Ready with an iRule

IPv8 Would Fix My Routing Tables. It Will Never Ship.

Recent Discussions

Errors with AS3 3.56.0 with F5 17.5.1.6

syslog over tcp and define management IP as source

VIP control across data centers - how to ensure only 1 VIP is up at a time?

migrate from serie I to R. Cluster LTM-GTM

CPU/vCPU sizing on rseries

Related Content

Radware config translation

virtual server config

Alteon Config Converter

Capturing load sys config verify errors to a file

Config Search