Forum Discussion
DM_5174
May 10, 2011Nimbostratus
HEADER Rewrite without redirect trusted site Pop-up error on Internet Explorer..
Hi All,
We have an issue where one URL shares the same IP address with the other (e.g. URL1=1.1.1.1 and URL2=1.1.1.1). We want to eventually decomission URL1 and have users go in to URL2 but the trusted site pop-up is driving everyone crazy.
Currently we have an I-Rule on the LTM that when users types in http://www.URL1.com, they get redirected
by the i-rule to https://www.URL2.com. This however gives an oop-up error if you're using Internet Explorer
as seen below. You have to click yes or no to continue or add the domain in your trusted site list to avoid
future popups. This needs to be transparent to the users.
The current webpage is trying to open a site in your Trusted sites list. Do you want to allow this?
"Current site: http://www.URL1.com"
"Trusted site: http://www.URL2.com"
Rewrite Host Header iRule
when HTTP_REQUEST {
if { [HTTP::host] equals www.URL1.com } {
Rewrite host
HTTP::header replace Host www.URL2.com
if nothing matches above, still redirect from HTTP to HTTPS for this session
} else {
HTTP::redirect "https://[HTTP::host][HTTP::uri]"
}
}
Question: Can we have an i-Rule that rewrites the URL when the users connects from http://www.URL1.com to HTTPS://www.URL2.com transparently for the connected users so it looks like their initial connects seems to come in on http://www.URL2.com so that they do not get the "trusted site pop-up". All sessions after this rewrite should connect as the new .com?Thanks,
-DM
- Michael_YatesNimbostratusHi DM,
- DM_5174NimbostratusHi Michael,
- DM_5174NimbostratusI have tried this below and it still does not work. Can anyone help?
when HTTP_REQUEST { Check the host header value (set to lowercase) switch [string tolower [HTTP::host]] { "www.URL1.com" { Replace the Host header HTTP::header replace Host "www.URL2.com" } else { HTTP::redirect "https://[HTTP::host][HTTP::uri]" } } }
- Michael_YatesNimbostratusAre you getting a Trusted Sites Error or an SSL Certificate Mismatch Error?
- DM_5174NimbostratusI am getting a "trusted sites" error. How the rule should work is if I go into http://www.URL1.com, it should replace my header and rewrite https://www.URL2.com (this has the SSL profile associated to this URL. It works without pop-up errors if I do not have "*.URL1.com" in my trusted site IE settings.
- DM_5174NimbostratusI am getting a "trusted sites" error. How the rule should work is if I go into http://www.URL1.com, it should replace my header and rewrite https://www.URL2.com (this has the SSL profile associated to this URL. It works without pop-up errors if I do not have "*.URL1.com" in my trusted site IE settings. If I use Firefox, it does not give me the trusted site popup error, only IE.
- Michael_YatesNimbostratusI do not have any environments similar to what you are describing, so I am unable to recreate the results that you are having and the functionality that you are describing also does not make sense to me since the iRule you have posted does not have the functionality that you are describing:
- The_BhattmanNimbostratusHi DM,
- DM_5174NimbostratusThanks Guys. I was trying to eliminate the pop-up with an irule somehow but came to the same conclusions that Michael and you did. Even if you rewrite the URL to something else, due to the fact you are coming in on one IP address and back out and in again through the same IP address but with a different domain name, it is the nature of IE to give you the popup if you have that domain already listed in your trusted list. I did not have an issue with FF, but with IE was much more picky.
Recent Discussions
Related Content
Â
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects