Forum Discussion
Roman_80473
Nimbostratus
NimbostratusSSL Termination with clear text response from web server
Hi folks,
This might be a silly question:
We terminate SSL and send traffic to non-secured web servers. We're having some issues encrypting clear text responses on proxy servers before returning them back to client. Is there a way to encrypt a clear text response from target servers on F5 itself?
Any help is appreciated
Thanks, Roman
Roman_80473Aaron and nitass,
Thank you both for your replies. I'll try to use the Fiddler2 to check web server response. The idea I had was to take the encrypting/decrypting burden off the web tier completely. This way, if we have any non-secured web server in the pool (Apache, Weblogic, Sun proxy, etc), web tier would do the actual work, while F5 handles ssl between client and itself. I'm not sure that's feasible since we always had encrypted traffic throughout
Anyways, I have a test pool with weblogic server on some non-secured port, which accepts clear text request from F5 and sends clear text response back. The problem is that client comes with ssl thru F5, but sees plain http page.
Thanks, Roman- Roman_80473I have figured out what my issue was. An http profile I've been using didn't allow for rewrite. Once I've changed that, all fell into places. Thank you again for all your help.
Roman 
hooleylistCirrostratus
There was an error in the iRule: [string tolower [HTTP::header Host]] in HTTP_RESPONSE should have been [string tolower [HTTP::header Location]]. I fixed that and added the example to the Codeshare:
https://devcentral.f5.com/wiki/iRules.HTTPS-offload-rewriting.ashx
Aaron