Serving Port 80 and 443 for a web application
We have a web server which has historically only run on port 443. In order to use ACME for automated cert issuance, I have to allow port 80 through to the web server. I've configured the web server to listen on 80, allowed the port in the local firewall and the perimeter firewall, and created a virtual server at the F5 pointing to the same internal IP as the functional 443 application.
When I attempt to access it over the internet, I get a generic timeout error.
I suspect the issue has to do with our APM and the establishment of SSL, but I don't know how to get around that. What is the correct way to set up a virtual server and APM policy to handle both 80 and 443 to the same machine?
- Kevin_Stewart
Employee
There's a Secure setting in the Cookie Options of the APM profile - SSO/Auth Domains tab. This option, when enabled (by default), instructs the browser to only use the APM session cookie over HTTPS connections.
I might caution that if a single access session is to be used across 80 and 443 connections, there's a risk of compromising the HTTPS session if the cookie is stolen. It may be better to isolate the 80 and 443 traffic into separate policies.
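
The cookie behaviour described in the answer above, as an added example that is not part of the original thread: Python's standard cookie jar stands in for the browser and shows when a session cookie set over HTTPS is sent back on port 80. The hostname and cookie value are constructed; `MRHSession` is assumed here as the APM session cookie name.

```python
import http.cookiejar
import urllib.request
from email.message import Message

HOST = "app.example.test"  # constructed hostname
# Constructed Set-Cookie headers: Secure option enabled vs. disabled.
SECURE = "MRHSession=constructed0123; path=/; Secure"
NOT_SECURE = "MRHSession=constructed0123; path=/"


class FakeResponse:
    """Minimal response object accepted by CookieJar.extract_cookies()."""

    def __init__(self, set_cookie):
        self._headers = Message()
        self._headers["Set-Cookie"] = set_cookie

    def info(self):
        return self._headers


def cookie_sent(set_cookie, request_url):
    """Return the Cookie header a client sends to request_url after it
    received set_cookie from https://HOST/ (None if nothing is sent)."""
    jar = http.cookiejar.CookieJar()
    origin = urllib.request.Request(f"https://{HOST}/")
    jar.extract_cookies(FakeResponse(set_cookie), origin)
    req = urllib.request.Request(request_url)
    jar.add_cookie_header(req)  # applies the Secure / scheme check
    return req.get_header("Cookie")


def matrix():
    """Cookie header sent for each (cookie option, request scheme) pair."""
    results = {}
    for label, header in (("secure", SECURE), ("not_secure", NOT_SECURE)):
        for scheme in ("https", "http"):
            url = f"{scheme}://{HOST}/"
            results[(label, scheme)] = cookie_sent(header, url)
    return results


if __name__ == "__main__":
    for (label, scheme), sent in matrix().items():
        print(f"{label:10} over {scheme:5} -> {sent}")
```

With Secure set, the port 80 request carries no session cookie, so it cannot join the session established on 443; without it, the same session value travels in cleartext on port 80, which is the exposure the answer cautions about.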