Forum Discussion
scottl_82413
Nimbostratus
NimbostratusMaintain SSL Persistence
We're in the process of moving a site from a standalone server to web farm behind an LTM. In the web farm, we are offloading SSL on the LTM. Some users connect HTTP, some connect HTTPS.
On the site, we have a button that shows/hides some report filtering. It does this by redirecting you to from
http(s)://www.mysite.com/filters.aspx
to
http(s)://www.mysite.com/filters.aspx
(simply adds a sign to the existing URL - and the server sees whether you are http or https and gives the appropriate URL)
The problem is that with SSL offloaded to the LTM, users always get redirected to http, because the server always sees the session as http, never https.
Is there a way for the LTM to maintain the SSL session if the user is connected SSL? I've tried this a few ways and it causes several page loads (https to http then redirect to https) and the filters don't show.
or is there a way I can check for an SSL session and insert something into the header that the developers can check for and therefore give an https redirect?
Thanks.
hoolioCirrostratus
Scott, assuming you have one HTTP and one HTTPS virtual server, you could configure a custom HTTP profile for each VIP. On the HTTP profile for the HTTP VIP, configure the header to remove field as Ssl-Enabled or some custom header name. On the HTTP profile for the HTTPS VIP, configure the header to remove field as Ssl-Enabled or some custom header name and the header to insert as Ssl-Enabled: True. The application can then check for this header name with a value of True to determine whether the client side connection was over SSL or not.
ericsowa, I don't think your issue is related. Check your other post for some ideas.
Aaron