For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Karthik_Krishn1's avatar
Karthik_Krishn1
Icon for Cirrostratus rankCirrostratus
Oct 17, 2013

SSL offload not working

Hello ,

I am setting up a simple VS where we terminate the 443 session on the F5 and then send the traffic to the backend server on TCP port 8888. The issue is that this is not working . When i use the URL ... i get " Page not available " and when i use the IP .. i get the certificate error and then the same result . The issue seems to be as below which was seen using Fiddler..

Browser F5 server:8888 https ----------> http:8888 ----------->

                 <----------- http:8888(Response header “Location” has http and port number 8888)                               
 <-------------- http:80
                                                            ^
                                                            |- This should be https, see below Fiddler trace. 
 http:80 --------->

Aprreciate any help ...

thanks,

karthik

deployment
design

2 Replies

  • JRahm's avatar
    JRahm
    Icon for Admin rankAdmin
    Oct 17, 2013

    is your application set up to server URLs with https:// even if the requests are arriving as http:// ? If not, you'll need to rewrite the location header and use a stream profile for content body to rewrite http:// to https://

     

  • Lucas_Thompson_'s avatar
    Lucas_Thompson_
    Historic F5 Account
    Aug 20, 2014

    Sharepoint and iis are commonly set up like this. If you have iis, check the site bindings. If you have Sharepoint, check the alternate access mapping config.

     

    You can also rewrite them in f5, but it's risky because of js/Ajax and maybe other functions. Use rewriting as a last resort unless your web app is very simple.