Forum Discussion
Joseph_Johnson_
Nimbostratus
NimbostratusHTTP to HTTPS
Hi,
I was wondering if someone could help me with an irule that will redirect a site http://test.site.com:8050 to https:test.site.com:8050. The problem is it keeps getting stuck in a loop. I need it to know if its http to redirect but if the site comes in https then to not redirect the request again.
Thanks!!!
shopkeeper56_23Cirrostratus
Generally with http-to-https redirection you would have two VS's with the same destination IP on different ports (eg. 80 & 443). There is a default iRule which will work for this (_sys_https_redirect). You will not be able to create one VS on 8050 without SSL profiles and another on the same port without SSL profiles to redirect to.
Why does your front end VS need to be listening on 8050 specifically? Could you not just do the generic 80/443 scenario I mentioned and if you backend pool members are listening on 8050 (ssl or otherwise), configure them as such.
Theo_12742Cirrus
Furthermore, I would make the comment to the Oracle developers that they had to change the SSL settings for their port, and it's unrealistic to presume you wouldn't have to as well. The problem lies with order of operations: SSL is negotiated before HTTP comes into play (where you would redirect). I don't know of a way you could, though it may be possible if you could (using an iRule) detect whether SSL is used at an earlier event (like CLIENT_CONNECTED, where you can disable SSL).- shopkeeper56_23I dont see why you couldn't make the virtual server with no client SSL profile (aka HTTP between client and Big IP), then use a server SSL profile (SSL between Big IP and Server). This can all be done on the same VIP. This I think does what your describing does it not?
Joseph_Johnson_Where would the redirect come into play. Remember, all of this is happening on the same VIP, I don't see how HTTP and HTTPS would use SSL on the same VIP simultaneously.