Forum Discussion
hooleylist
Oct 09, 2008Cirrostratus
I think it would make sense to map out the logic before testing more. Here is what I've gathered so far:
If a request is made via HTTP to a page (an object ending with .html?) with a path that contains /secure/, you want to redirect it from HTTP to HTTPS.
-- so on the HTTP VIP, redirect any requests to /secure/ pages to HTTPS
Once the client makes a request via https to a /secure/ page, you want to rewrite the references from http to https in the page content, so the client will request those objects over https as well (to avoid the insecure content warning).
-- so enable the stream profile on the response to rewrite http:// to https://
Are there other /secure/ pages which don't have the .html file extension? Are there any requests to the HTTPS VIP which you want to redirect to HTTP?
Aaron