Forum Discussion
James_78615
Nimbostratus
NimbostratusHTTPS redirect issue - Require specific embedded link to remain http.
Hi,
I have an issue with my client side SSL handoff.
I have the following iRule setup to convert http pages to https:
when HTTP_RESPONSE {
STREAM::enable
STREAM::expression "@http:@https:@"
}
I have a problem with IE browsers (firefox etc works fine) where the following html embedded link needs to remain http:
After my first iRule has converted all 'http' to 'https', I have setup another iRule to convert that particular link back to http:
when HTTP_RESPONSE {
STREAM::enable
STREAM::expression "@https://schemas.microsoft.com:@http://schemas.microsoft.com@"
}
The second iRule is not working for me. Is there a way to leave certain embedded links as http?
Thanks
James
- Just for information sake, James wants all of the imbedded links to change to https (hence the original iRule) except for http://schemas.microsoft.com/intellisense/ie5
James_78615Hi Aaron,
I created that iRule but when I apply it to my virtual server, I can no longer get to the webpage.
I get the 'accept certificate' page as the SSL connection terminates on the BIGIP but then the webpage does not come up at all.
Is that stream expression meant to handle modifying the http -> https characters as well as keeping the embedded microsoft web link as http?
Cheers
James
hoolioCirrostratus
Hi James,
Yes, the regex between the first pair of @'s should match any "http:" string except if it is followed by "//schemas.microsoft.com/intellisense/ie5". The stream profile shouldn't break the HTTP request/response cycle. On the HTTP profile associated with the VIP, do you have chunking set to rechunk? This allows TMM to recalculate the content length.
Do you see any errors in /var/log/ltm when a failure happens? If not, can you install a browser plugin like HTTPwatch or IEwatch to see specifically what URL and request/response the failure happens with?
Thanks,
Aaron
