Forum Discussion
dsirrine_24840
Altostratus
AltostratusRedirect HTTPS to HTTPS
Version: BIG-IP 9.3.1 Build 46.7
I am currently trying to redirect an https site to another https site using irules.
My irule looks like this:
if { [HTTP::host] contains "foo.bar.com"}
{ HTTP::respond 301 Location "https://foobar.foobar.com"}
This will redirect http://foo.bar.com to https://foobar.foobar.com, however, https://foo.bar.com fails to re-direct. I can't seem to find the answer in here. Any help at all would be helpful...
- dennypayne
Employee
Are you terminating SSL on the LTM? If not, there's no way to run iRules on HTTP events.
Denny 
Matt_Breedlove_Nimbostratus
What are the options if SSL is not being terminated on the VS and instead passed through to app server?
Anyway to redirect inbound users to another external URL?
hoolioCirrostratus
If you're not decrypting the SSL, you can't view or interact with the HTTP, so no, you cannot issue an HTTP redirect. If you have to have the LTM to server connection encrypted, you could decrypt the client side connection with a client SSL profile and re-encrypt the server side with a server SSL profile. You would need to import the SSL cert and key to LTM for this. The cert would need to be valid for all fully qualified domains that resolve to the virtual server IP address.
Aaron
dsirrine_24840Can I just add the cert to the LTM under "Main -> Local Traffic -> SSL Certificates" to have the LTM be able to decrypt the SSL?- hoolioYou could need to import the SSL cert and key, create a client SSL profile which references the cert/key and then add the client SSL profile to the virtual server. The LTM config guide on AskF5.com describes this.
Aaron - dsirrine_24840Awesome. Thanks a lot for your help...
