Forum Discussion
Robert_47833
Altostratus
AltostratusDo we have other way to forward https
Hi,need help
request: https://www.sr24stubtex.com/help/services/
want to forward to a pool cjj
becuase backend server only open http:80 as the service and the java code didn't accept two different domain
so it seems code below doesn't work.
if {$uri matches_regex "^/help/services/" }
{ HTTP::redirect "http://help.sr24.com[HTTP::uri]"
return
how can I achieve this, I want to change the port from 443 to 80 and forward to pool cjj
hooleylistCirrostratus
You could also consider configuring a pool with the servers on port 80 and call that from the iRule when you disable serverside SSL.
Aaron
Robert_47833ok,hehe,thanks u
I will create a new pool with ip:80
tnanks ,fellows
it is a big help- Robert_47833hi,
what is the difference between
SSL::diable and SSL::disable serverside? - hooleylistIf you're calling SSL::disable in a clientside event like CLIENT_ACCEPTED or HTTP_REQUEST and you want to disable serverside SSL to use a non-SSL pool, you should use SSL::disable serverside.
Aaron - To add to what Aaron's (correctly) saying, since the F5 device is a full proxy, the clientside / serverside commands are basically telling it which side of the proxy to act on (basically, there's more detail than that). That's how I tend to explain it to people at least.
Colin - Robert_47833hi,thans so much.I didn't add serverside before,now it works fine
if only use SSL::disable in a http::request event,it will disable https request from client?
so does it mean traffic between client and F5 is http? - If you use SSL::disable in HTTP_REQUEST, which is a clientside event, it will indeed disable the clientSSL profile on the LTM, meaning the LTM will expect unencrypted traffic.
Colin - Robert_47833thansk very much for this ,I will close it
- Cool, glad it helped.
Colin
