iRule to help WebDAV COPY work through SSL Proxy

We are migrating webdav publishing services to BIG-IP 9.1.2 Build 40.6

 

 

We are seeing error 502, on COPY operations and other operations not functioning correctly through the SSL proxied virtual.

 

 

It sounds like this is a malfunction of the proxy according to the posts I found from the SVN users list:

 

 

http://svn.haxx.se/users/archive-2006-12/0946.shtml

 

 

“The proxy only rewrites the request URL, but not the other headers, so the

 

SVN-Apache (Apache without SSL) receives:

 

COPY /svn/old/path HTTP/1.1

 

Host: svn.myserver.tld:10600

 

Destination: https://myserver.tld/svn/new/path

 

....

 

 

...and immediately recognizes that it is definitely not responsible for

 

serving https, let alone myserver.tld or even port 443. So it does not show

 

the the request to SVN, but instead sends back a 502 error.

 

(I found that with the help of tcpdump, LogLevel debug and a good long look

 

into the mod_dav sources.) “

 

 

Has anyone solved this with an iRule?

 

 

I don’t want to hack mod_dav as one user did.

 

 

Relevant config:

 

 

 

 

virtual irt-publish-ssl {

 

 

destination a.b.c.d:https

 

fallback persist source_addr

 

ip protocol tcp

 

profile irt-publish sslheader tcp

 

persist ssl

 

pool irt-publish

 

}

 

 

profile http sslheader {

 

defaults from http

 

header insert "GOHTTPS:1"

 

redirect rewrite all

 

insert xforwarded for enable

 

 

}

 

 

Thanks,

 

Fletcher.