Forum Discussion
munawar_64873
Nimbostratus
NimbostratusF5 SSL Offload: Error on first visit to site, against an HTTPS page
Hi,
We've implemented an F5 SSL Offload scenerio on our website, where all SSL traffic is routed to Port 8000 via the loadbalancer.
We're having an issue where, if the user hits the site by visiting an HTTPS page FIRST, then the site throws an error. If the user then refreshs, the page loads.
If the user visits an http page first, everything works fine, and subsequent calls to HTTPS pages on the site work fine. Its just the first visit to the site, against an HTTPS page the doesn't work.
When we test the site without the loadbalancer (ie. Http://mysite.com:8000/default.aspx) the page loads fine.
It almost seems like a timeout issue, but we haven't been able to figure it out.
Has anyone seen this before, or can help out?
Munawar
hoolioCirrostratus
Hi Munwar,
What is the error that the client sees on the first request that fails? Is it page cannot be displayed or some other message? If you use a browser plugin like Fiddler for IE or HttpFox for FF, can you post anonymized copies of the request/response headers?
Thanks,
Aaron
munawar_64873Hi Aaron,
Answers inline:
Q: What is the error that the client sees on the first request that fails? Is it page cannot be displayed or some other message?
A: Internet Explorer cannot display the webpage
Q: If you use a browser plugin like Fiddler for IE or HttpFox for FF, can you post anonymized copies of the request/response headers?
A: Fidler dump:
RAW dump of the header:
Request Header:
GET /MYSITE/Service/contentviewer.aspx?ID=AboutUs&Menu=Footer&MasterPage=AboutOurProducts.master HTTP/1.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/525.19 (KHTML, like Gecko) Chrome/1.0.154.36 Safari/525.19
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,bzip2,sdch
Cookie: LinkShare=; CS_Anonymous={267c4238-0d45-489c-8fe5-48e5a8b06775}; ASP.NET_SessionId=ifmnvpnsoo5qrnu3bvmdt555
Accept-Language: en-US,en
Accept-Charset: ISO-8859-1,*,utf-8
Host: MYWEBSERVER:8000
Proxy-Connection: Keep-Alive
Response header:
HTTP/1.1 502 Fiddler - Connection Failed
Content-Type: text/html
Connection: close
Timestamp: 11:16:43:2651
[Fiddler] Connection to MYWEBSERVER failed.
Exception Text: No connection could be made because the target machine actively refused it MYLOADBALANCER.com:8000
Lou_27246I believe we may be having a similar issue regarding Safari and HTTPS/SSL sites. We consistently get the following error when trying to open an HTTPS page through Safari:
"Safari Can't open the page"
Safari can't open the page "https//xxxxx.xxxxx..xxxxx" because Safari can't establish a secure connection to the server.
A couple of "refreshes" and the page will then open. The https pages also open fine in I.E., F.F. and Chrome. Only has issues with Safari browser. When I pull the sites out from behind the F5 BipIP and hit them directly, the errors go away.- hoolio
TammyM_173209I realize this post is several years old - but I am having the same issue, except I'm using just the standard 443 port. Is there a resolution to this issue?