Forum Discussion

David_Broaddus_'s avatar
David_Broaddus_
Icon for Nimbostratus rankNimbostratus
Aug 18, 2016

HTTPS to HTTP redirect for maintance page.

We have a HTTPS virtual server that is set as a basic configuration with no iRules. For multiple reasons (security, and simplicity being the biggest) the SSL certs are terminated on the back-end serv...
devops
iRules
LTM
ssl
Ryan_80361's avatar
Ryan_80361
Icon for Cirrostratus rankCirrostratus
Aug 18, 2016

Heya, you are correct in thinking that the certificate will need to be placed on the LTM. If the LTM can't "see inside" the encrypted traffic then it can't modify it e.g. send the redirect that you want. You'll need to perform SSL offloading or SSL bridging (which seems more appropriate as you obviously already have pool members listening on 443 etc).

 

  • Zac_Quinn's avatar
    Zac_Quinn
    Icon for Nimbostratus rankNimbostratus
    Aug 19, 2016

    Reading the OP it looks like David just needs to redirect to a sorry page so he shouldn't need to inspect the contents as his rule is a simple passthrough rule with no L7 uri inspection. Take a look at " as this should give you a couple of ideas for the irule. You can direct to a page on another server or have the LB respond directly with an HTTP page coded in the irule.

     

    Hope this helps

     

    Regards

     

    Zac

     

  • David_Broaddus_'s avatar
    David_Broaddus_
    Icon for Nimbostratus rankNimbostratus
    Aug 19, 2016

    Thanks. The more I thought about it the more I was certain I was correct. The independent opinion is appreciated.