For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Tyson_James's avatar
Tyson_James
Icon for Cirrus rankCirrus
Sep 25, 2018

HTTPS to Tomcat 8003....

I think I have a very similar issue to the two following articles, however we have tried the respective "fixes" and had no joy :   https://devcentral.f5.com/questions/https-to-tomcat8080   http...
application delivery
BIG-IP
iRules
Kevin_Stewart's avatar
Kevin_Stewart
Icon for Employee rankEmployee
Sep 25, 2018

There are a number of things that it could be, but you'd need to run some additional tests to narrow it down.

  • We first need to verify that traffic is actually getting to the Tomcat server. You can do that with a tcpdump capture on the server side F5 VLAN. You should see the port 8003 traffic in this capture. And since it's not encrypted, you can also see what the requests and response look like (using the -Xs0 switch).

    tcpdump -lnni [server side vlan] -Xs0 port 8003

  • Assuming you see a full TCP 3-way handshake and some data going back and forth, look at the payload. Look for any responses from the server that look like HTTP redirects. You can also install Fiddler on the client side to get a better look. What you're looking for here are any redirects or URLs coming from Tomcat that specify "; instead of ";. This is a non-uncommon problem when application servers don't understand they're in an SSL-terminated environment and continue to send resource links via http.

Let us know what you see from the above tests.