Forum Discussion

Cirrus

Nov 25, 2024

Problem with lets encrypt and redirect after update

Hi, we have updated our BigIP last week from 15.x to 17.1.1.4, since then we are not able to get certificates from lets encrypt, if there is the _sys_https_redirect iRule active on the Virtual Serve...

LTM

mwi

Cirrus

I cant merge them together, because not every Server needs an redirect, but i made a new redirect rule with if {[HTTP::has_responded]} and this fixed my problem.

I would like to understand why this happens, in my head the server get an request, checks if the path starts with "/.well-known/acme-challenge/", if this is true, it tries to respond with the token. Then it tries to redirect, but fails because an response has already sent.

But why does the server respond with an connection reset by peer?

Juergen_Mang

MVP

Nov 26, 2024

If an iRule throws an error the connections are reset by LTM. This is a default behavior of LTM. The iRule error is logged in /var/log/ltm and if you enable RST cause logging you should see the RST-Packet send from the F5.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Problem with lets encrypt and redirect after update

Recent Discussions

Decode ObjectSID from Base64-encode string

iRule - Url rewrite and header replace and pool selection not working

ip x-forwarding

F5 ASM API-Protection Policy

ports are showing open on online scanning tool

Related Content

Anchor Link Redirect

Redirect On Weak Encryption

Lock and Key - Encrypting EBS Disk Volumes for BIG-IP AWS Deployments

Source_Addr Persistence Problems

url redirect

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS