Forum Discussion
Host rewrite with SSL offloading
Hello, Am trying to accomplish the following task, that looks very easy, but currently cannot figure out/find out on devcentral or kb. I would like to use my BIG-IP with LTM as a reverse proxy replacement with SSL offloading towards internet, i.e.: External application: https://app.external.com Internal application: http://app.internal.com Everything appended after the URL should be kept as it is (no URI rewrite), means: https://app.external.com/a ----->http://app.internal.com/a https://app.external.com/b ----->http://app.internal.com/b so basically, I only want the host name rewritten, as we are using IIS host headers to bind on a single IP multiple websites. In order to accomplish that, I have setup a VS with client SSL profile, and applied ProxyPass iRule. Nevertheless, I can see that when the server response is on http, the client get the http URL, than the HTTPS back and this trows a client error. ProxyPass log is: Rule /Common/ProxyPass : VS=/Common/test_vs_https_app.external.com, Host=app.external.com, URI=/a/: Changing response header Location: http://app.internal.com/a/login.do with http://app.external.com/a/login.do As you can see, the response back to client is in http, rather than https, and this obviously generates an error. Can you please help me in obtaining such objective?
- MiLK_MaNNimbostratus
You will want to enable redirect rewrite in the HTTP profile. This will rewrite the schema in the Location header to https. The ProxyPass is simply rewriting the hostname, but the schema modification can be done in the http profile.
- Roberto_Anzane1Nimbostratus
Thanks Milk_Man!:-) Actually applied that SOL, with redirect rewrite ALL, and fixed the issue Thanks a lot for your prompt help!
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com