Forum Discussion

jondyke_46152's avatar
Icon for Nimbostratus rankNimbostratus
Jul 15, 2011

https to https redirect to different hostname

I know there are a bunch of redirect irules out there already (I have a few I am already playing with) but I was wandering if how straight forward it would be to do the following:-



SiteA is a VS that is SSL Offloaded on the F5



SiteB is a different VS (different hostname) that uses SSL Passthrough (not offloaded)





I would like to redirect any traffic that hits to without the user getting any kind of certificate mistmatch error.



2 Replies

  • Colin_Walker_12's avatar
    Historic F5 Account
    Hmmm, I'd have to test this as I think your user might get a warning regardless when redirecting away from an SSL site. Not a cert mismatch error, but a warning that the site is sending you elsewhere.



    It'd be trivial to write the rule. There wouldn't be a cert mismatch as long as they used the correct hostname to access both sites where the certs were decrypted. You'd just use a basic HTTP::redirect and be on your way. The real question is will the browser squawk about leaving the original site?



  • Turns out that is not what they wanted at all. What they wanted was to change the middle of the URL whilst leaving the ending alone.

    So for example:- to

    Not tested it yet but wandering is this would work?

    when HTTP_REQUEST { 
       Check if path starts with
        if { [string tolower [HTTP::path]] starts_with "/DocumentRenderer.svc"}{ 
            Replace with in the path 
           HTTP::redirect [string map {} [string tolower [HTTP::path]] ] 

    If this does work then they I am assuming that they are still going to get an issue with https is used as the hostnames are different.