Forum Discussion
NimbostratusHTTP redirect working - now trying to setup HTTPS redirect
Hey Everyone!
First and foremost, this is an amazing support community. I'm pretty new to the F5's and a ton of posts have been extremely helpful in guiding me through what configurations are needed. Anyway... onto the meat and potatoes of my post.
I recently created an iRule for URL redirection that is as follows:
when HTTP_REQUEST {if {[HTTP::host] equals "myfriendlyurl.com"}{HTTP::redirect "https://myunfriendlyurl.com"}}
As I'm sure you can tell this is basically saying "Whenever a client goes to http://myfriendlyurl.com redirect them to https://myunfriendlyurl.com"... This is working great.
What I'm trying to accomplish is if a client goes to https://myfriendlyurl.com I want to send them to https://myunfriendlyurl.com.
I can't seem to figure out how to get this working and I haven't been successful in finding community posts on how to accomplish this.
Thanks for taking the time to read this, and any input is greatly appreciated!
3 Replies
kunjanDo you have SSL profile attached to the virtual server? Basically you need to terminate the SSL on BigIP using ssl client profile. Since the backend server is in SSL you got to put server SSL profile also to the virtual server.
This URL might be useful
- nitass
Employee
what kunjan said is the irule should be usable for both http and https virtual server. what you need on https virtual server is clientssl profile (to decrypt) and serverssl profile (to re-encrypt in case serer is https).
e.g.
configuration root@(ve11c)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm virtual bar* ltm virtual bar80 { destination 172.28.24.10:80 ip-protocol tcp mask 255.255.255.255 pool foo profiles { http { } tcp { } } rules { qux } source 0.0.0.0/0 source-address-translation { type automap } vs-index 11 } ltm virtual bar443 { destination 172.28.24.10:443 ip-protocol tcp mask 255.255.255.255 pool foo profiles { clientssl { context clientside } http { } tcp { } } rules { qux } source 0.0.0.0/0 source-address-translation { type automap } vs-index 10 } root@(ve11c)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm pool foo ltm pool foo { members { 200.200.200.101:80 { address 200.200.200.101 } } } root@(ve11c)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm rule qux ltm rule qux { when HTTP_REQUEST { if { [HTTP::host] equals "myfriendlyurl.com" } { HTTP::redirect "https://myunfriendlyurl.com[HTTP::uri]" } } } test [root@ve11c:Active:In Sync] config curl -I http://myfriendlyurl.com/something HTTP/1.0 302 Found Location: https://myunfriendlyurl.com/something Server: BigIP Connection: Keep-Alive Content-Length: 0 [root@ve11c:Active:In Sync] config curl -Ik https://myfriendlyurl.com/something HTTP/1.0 302 Found Location: https://myunfriendlyurl.com/something Server: BigIP Connection: Keep-Alive Content-Length: 0 
natewood70Thanks for the help everyone, I have been able to accomplish what was needed.
