Forum Discussion
NimbostratusPerformance (HTTP) and https redirect
Why cant the Performance (HTTP) type and the built in iRule to redirect http to https be friends? the iRule requires the use of the httpd profile but a VS of type Performance (HTTP) doesnt qualify.
So.. How can you redirect http requests on a performance (http) virtual server to https? Can this be done with a separate iRule? When I change virtual server types to standard to implement the built in iRule, the rule works, but the virtual server stops working.
thanks,
eah
8 Replies
Cory_50405Noctilucent
With the standard virtual server type, the reason it stops working when you switch to HTTPS is probably due to having an HTTP profile assigned. With no SSL profiles to terminate the SSL, the LTM is not going to be seeing HTTP traffic, but it will expect to. If you remove the HTTP profile, it will work.
Eric_Hartwell_1Ok so if I remove the http profile, I cant use the https redirect iRule. So I either need to figure out how to redirect http --> https using the Performance profile or need to get the http profile to work with https. How can I do either of those?- Cory_50405Do you have two separate virtual servers, one for 80 and one for 443? If so, the http profile should be applied to the port 80 VS and you can redirect via iRule to the 443 VS. No HTTP profile needs applied to your 443 VS.
- Eric_Hartwell_1no I only have 1 VS using the Performance profile and using service port 443.
- Cory_50405
If you implement a port 80 virtual server with an http profile and then apply your redirect iRule, you should be good to go. I was under the impression you had a port 80 VS from the start. Apologies for any confusion.
- Eric_Hartwell_1
For some reason my pool doesnt respond (no web page displayed) when I use the Standard type virtual server, but the redirect works. When I use the Performance (HTTP) type the pool responds when I go to https://server_ip but I cant use the https redirect.
- Cory_50405Can you post your VS config when in standard type? From tmsh, 'list ltm virtual virtualservername', where virtualservername is the name of your virtual server. Probably just a simple misconfiguration.
- Eric_Hartwell_1ltm virtual VS-GA { auto-lasthop enabled destination 10.10.1.3:http ip-protocol tcp last-hop-pool GA-pool mask 255.255.255.255 pool GA-pool profiles { html { } http { } rewrite-uri-translation { } serverssl { context serverside } tcp { } } rules { _sys_https_redirect } source 0.0.0.0/0 vs-index 15 }
