F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Zainal_Abidin_1's avatar
Zainal_Abidin_1
Icon for Nimbostratus rankNimbostratus
Dec 23, 2013

Http Redriect Loop

Hi,   I want to do redirect from HTTP to HTTPS. I have set iRule.   when HTTP_REQUEST { HTTP::redirect "https://[HTTP::host][HTTP::uri]" }   On firefox, it loop but on chrome it's...
deployment
ibm
nitass's avatar
nitass
Icon for Employee rankEmployee
Dec 25, 2013

Can i use this command: ssldump -k /config/ssl/ssl.key/our-domain.key -i 1.1 port 443 -A -d

 

yes but it may be better to capture both clientside (between client and f5) and serverside (between f5 and server). there is special interface 0.0 which will capture traffic from all vlan.

 

e.g.

 

ssldump -k /config/ssl/ssl.key/our-domain.key -i 0.0 port 443 or port 80 -A -d

 

anyway, it may be good to save packet to file (using tcpdump) and decode/decrypt it later (using ssldump or wireshark).

 

e.g.

 

tcpdump -nni 0.0:nnn -s0 -w /var/tmp/output.pcap port 443 or port 80 -v

 

Decrypting SSL traffic with Wireshark, and ways to prevent it

 

http://wirewatcher.wordpress.com/2010/07/20/decrypting-ssl-traffic-with-wireshark-and-ways-to-prevent-it/