Raymond_Morris_
Oct 27, 2005

Redirect from HTTP to HTTPS based on URI

I would like to redirect traffic on my VIP to use HTTPS, but only when they use a specific URI. I have attempted this with the following rule:

if (http_uri contains "/administrative") {
   redirect to "https://%h/%u"
   log "matched host(" + http_host + "), uri(" + http_uri + ") by client(" + client_addr + ") : using WAHA_Admin"
}
else {
   use pool WAHA_Admin
   log "didn't match host(" + http_host + "), uri(" + http_uri + ") by client(" + client_addr + ") : using WAHA_Admin"
}

The result of this is what appears to be a loop as a call is never made via HTTPS. My question is, is this configuration supported? Here is an example of what the traffic looks like during the loop:

GET /administrative/ HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Host: 10.50.195.170
Connection: Keep-Alive

HTTP/1.0 302 Found
Location: https://10.50.195.170/administrative/
Connection: close

GET /administrative/ HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Host: 10.50.195.170
Connection: Keep-Alive

HTTP/1.0 302 Found
Location: https://10.50.195.170/administrative/
Connection: close

I have been able to configure this successfully using 3 VIPs and then using rules to redirect traffic among them. Obviously this is sub-optimal.

Thanks,

  • Martin_Machacek
    Historic F5 Account
    Raymond,

    the configuration snippet that you've posted looks correct and the rule apparently works because the BIG-IP returns a valid 302 response. I'd need to see your entire configuration in order to be able to tell what is causing the apparent "loop". Do you have any SSL proxy configured on the BIG-IP? What virtual server does it refer to?

    In general there is nothing that BIG-IP can do after issuing a correct redirect to make the client use HTTPS :-).
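
A check for the pattern visible in the capture above, added here as an example and not code from the thread: it flags a redirect whose target is requested again and answered with the same redirect. The capture is constructed from the one in the post with headers trimmed, and the function names are hypothetical.

```python
from urllib.parse import urlsplit

# Constructed sample: the capture from the post, headers trimmed.
CAPTURE = """\
GET /administrative/ HTTP/1.1
Host: 10.50.195.170

HTTP/1.0 302 Found
Location: https://10.50.195.170/administrative/

GET /administrative/ HTTP/1.1
Host: 10.50.195.170

HTTP/1.0 302 Found
Location: https://10.50.195.170/administrative/
"""

def parse_messages(capture):
    """Split a plaintext HTTP capture into (start_line, headers) tuples."""
    messages = []
    for block in capture.strip().split("\n\n"):
        lines = [ln.strip() for ln in block.splitlines() if ln.strip()]
        headers = {}
        for line in lines[1:]:
            name, _, value = line.partition(":")
            headers[name.strip().lower()] = value.strip()
        messages.append((lines[0], headers))
    return messages

def find_redirect_loops(capture):
    """Return Location URLs that were requested again and redirected to themselves."""
    loops, pending, request = [], None, None
    for start, headers in parse_messages(capture):
        if not start.startswith("HTTP/"):  # request line: remember host and target
            request = (headers.get("host", ""), start.split(" ")[1])
            continue
        status = int(start.split()[1])
        location = headers.get("location")
        if 300 <= status < 400 and location:
            dest = urlsplit(location)
            target = (dest.path or "/") + ("?" + dest.query if dest.query else "")
            # Same redirect twice in a row, and the request in between was for its target.
            if pending == location and request == (dest.netloc, target):
                loops.append(location)
            pending = location
        else:
            pending = None
    return loops

if __name__ == "__main__":
    print(find_redirect_loops(CAPTURE))
```

A plaintext capture cannot show which scheme the client used, so a hit only says that the re-requested URL reached the redirecting rule again.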