Change path

You need to have a ClientSSL profile on your SSL Virtual Server so it can decrypt the traffic, view the requested path, and rewrite it.

I have an SSL profile that decrypts the traffic. I do know how the F5 works. What I don't know is why your rule only works for http traffic while mine works for all traffic. It's not a decryption issue. Yours is not the only rule that I've seen work this way. Perhaps I should start a new topic since this is a different issue than what I originally asked. I do appreciate the help.

I think the offset for the string range needs to be 4 instead of 3 as /ssl is 4 characters. Can you try testing with some additional logging?

when HTTP_REQUEST {
  log local0. "[IP::client_addr]:[TCP::client_port]: [HTTP::method] request to [virtual name]\
    [IP::local_addr]:[TCP::local_port] [HTTP::host][HTTP::uri]"
  set uri [tolower [HTTP::uri]]
  if { $uri starts_with "/ssl/" } {
    log local0. "[IP::client_addr]:[TCP::client_port]: URI starts with /ssl/,\
      updating URI to [string range [HTTP::uri] [expr {[string first /ssl/ $uri] + 4}] end]"
    HTTP::uri [string range [HTTP::uri] [expr {[string first /ssl/ $uri] + 4}] end]
  } 
}

Aaron

We need to get rid of one of the slashes too. So /SSL/ becomes /. This works correctly when the request is http. https requests don't get changed at all.

With the updated iRule, /ssl/ is rewritten to /. Can you try testing with the updated rule and debug logging to see what is logged when it fails over HTTPS?

 

 

Aaron

I figured it out. I was looking at it wrong. I am re-writing http requests to https after it hits the rule to eliminate /SSL. So for the http request, I've removed /SSL and then pass the new URL to the second rule, which rewrites it https w/o /SSL, since that already got stripped, and my browser shows the new URL w/o /SSL. But when the request is https, only the first rule gets applied and passes on the request to the web server w/o /SSL but does not change the URL in the browser. So it works for both requests, but the URL in the browser is unchanged. That's what was throwing me. I really appreciate all the help.