HTTP to HTTPS

Question

Hi,&nbsp;
I was wondering if someone could help me with an irule that will redirect a site http://test.site.com:8050 to https:test.site.com:8050.  The problem is it keeps getting stuck in a loop.  I need it to know if its http to redirect but if the site comes in https then to not redirect the request again.  &nbsp;
Thanks!!!&nbsp;

shopkeeper56_23 · Answer

Generally with http-to-https redirection you would have two VS's with the same destination IP on different ports (eg. 80 &amp; 443). There is a default iRule which will work for this (_sys_https_redirect). You will not be able to create one VS on 8050 without SSL profiles and another on the same port without SSL profiles to redirect to.&nbsp;
Why does your front end VS need to be listening on 8050 specifically? Could you not just do the generic 80/443 scenario I mentioned and if you backend pool members are listening on 8050 (ssl or otherwise), configure them as such.&nbsp;

joseph_johnson_ · Answer

Hi,

Thanks for you answer!  The reason is because the business is using multiple oracle apps that are on different ports.  For example, http://oracle-test:8050 is one app and http://oracle-test:8090 is another app.  I have a VIP configured that is listening on Port 0, and an irule that will check the port coming in appended to the URL and pass it to the associated Pool for that port.  Now they want to utilize HTTPS.  They can browse to the direct link https://oracle-test:8050 but they want to be able to redirect if a user just types in http://oracle-test:8050 to https://oracle-test:8050.  Is there anything in the https header that we can pull out so that for example it an http request comes in redirect to https but if the [HOST]URL is HTTPS then do nothing and just let the traffic pass through?  I know this may be convoluted but thanks for you response.

shopkeeper56_23 · Answer

So just to make sure I'm clear... you would like the following flow....

Client to VS is HTTP on the 80xx port. Then SSL on the connection between the Big IP and the Pool member (again on 80xx port)? All you would need to make this work is an Server SSL profile (using a certificate trusted by your Oracle hosts) and apply it to the VS

joseph_johnson_ · Answer

Where would the redirect come into play.  Remember, all of this is happening on the same VIP, I don't see how HTTP and HTTPS would use SSL on the same VIP simultaneously.

shopkeeper56_23 · Answer

I dont see why you couldn't make the virtual server with no client SSL profile (aka HTTP between client and Big IP), then use a server SSL profile (SSL between Big IP and Server). This can all be done on the same VIP. This I think does what your describing does it not?

Forum Discussion

HTTP to HTTPS

Recent Discussions

Which process is consuming higher CPU

F5 Health Monitor Receive String as JSON

Background Tasks

SSL bridging without SSL proxy forward

Big-IP VE edition for MacBook M4 Chip

Related Content

Http redirection

HTTP and HTTPS from same VS

HTTPS

determine HTTP or HTTPS

HTTP to HTTPS redirect with URI editing.

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS