Forum Discussion

Nimbostratus

Oct 01, 2007

Problems with ssl_session_id Check

Hi, we terminate our ssl Traffic directly on the ltm. From the Ltm to the node of our cluster it's unencrypted. Now we use a webcms System wich checks the ssl_session_id on the sev...

Oct 02, 2007

If all you are doing is looking for a header of "SSL_SESSION_ID" or "HTTPS" you can easily add them with an iRule

when HTTP_REQUEST {
   Set the SSL_SESSION_ID header value to "12345"
  HTTP::header add "SSL_SESSION_ID" 12345
   or set the SERVER header to "on"
  HTTP::header add "HTTPS" "on"
}

So now all requests will have the two headers being sent to your backend application regardless of whether it came from the client over HTTPS.

I have no idea what this will do with your web server though. I'd make sure that if these headers don't trigger your webserver into thinking that it's really a HTTPS connection and try to decrypt the traffic, etc.

-Joe

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)