For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Joe_Pipitone's avatar
Joe_Pipitone
Icon for Nimbostratus rankNimbostratus
Jan 28, 2010

ssl redirect not working

I have 2 separate VIP's, one for traffic on port 80, another for port 443. They both have the same VIP. Traffic works fine on both port 80 and 443. W...
application delivery
dev
devops
iRules
hoolio's avatar
hoolio
Icon for Cirrostratus rankCirrostratus
Jan 29, 2010
What response does the client get when you test the rule with a request to https://oursite.com? I'd expect a cert mismatch error because the cert is for www.oursite.com.

 

 

In order to avoid a cert mismatch error, you would need a cert which is valid for oursite.com and www.oursite.com. In your original version, you didn't specify the protocol of https:// in the redirect. Browsers would interpret a redirect location of www.oursite.com (without the protocol) as a local URI which it would append to the previously requested protocol, domain and path (https://oursite.com/www.oursite.com).

 

 

With the current rule, you could remove the check of the URI and just redirect to "https://www.oursite.com[HTTP::uri]". For a requested URI of / the redirect will still be valid.

 

 

Aaron