Forum Discussion

KenK_34741's avatar
KenK_34741
Icon for Nimbostratus rankNimbostratus
Feb 02, 2011

Sharepoint with F5, anonymous HTTP and SSL-offloading

Hey James, I asked the following question on the webinar:

 

 

“When doing both SSL off-loading and HTTP to the F5, I've had problems with SharePoint image picker. Have you been able to make that work while terminating SSL and HTTP (not a redirect to https) traffic at the F5?”

 

 

To further expand on this, we have the requirement for both anonymous (http) and authenticated traffic (https) on the same SharePoint sites. We attempted to implement this with both 80 and 443 load balancing to SharePoint on port 80 with the default AAM set as , but ran into problems. One critical issue was with the image picker; it didn’t work. Once logged in, the image picker prompts looked correct but a user couldn’t change folders. We worked with MS premier support and the final solution was to install self-signed SSL certificates on SharePoint and load-balance VIP:port 443 through to SharePoint, which defeats the purpose of SSL off-loading. Did we miss something?

 

 

I’d be happy to offer more environment configuration data, let me know what else you need. Thanks in advance!

 

  • Helen_Johnson_1's avatar
    Helen_Johnson_1
    Historic F5 Account
    Hi Ken,

     

     

    Have you had a look at this solution?

     

     

    https://support.f5.com/kb/en-us/solutions/public/6000/900/sol6912.html?sr=12504486

     

     

    It talks about how you can configure the BIG-IP to deal with AAMs, or what I would call an HTTP rewrite.

     

     

    Failing that, if your BIG-IP has a support contract, it might be good to open a case with F5 support. They can get your configuration data, and a network diagram and work with you to see what could be missed or "broken" on the BIG-IP.

     

     

    Cheers,

     

    Helen