For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Mark_Cloutier's avatar
Mark_Cloutier
Icon for Nimbostratus rankNimbostratus
May 19, 2014

Using https monitor with Oracle Access Manager

I am trying to use an https monitor on our Oracle Access Manager web servers. I have read several devcentral posts that have left me confused as to whether a regular https monitor can use Status codes in the head in the receive string

 

ltm is version 11.4.1 build 634

 

listing the monitor via tmsh gives me the following ltm monitor https oam-https { cipherlist DEFAULT:+SHA:+3DES:+kEDH compatibility enabled defaults-from https destination : interval 5 recv "HTTP/1.1 200 OK\r\n" send "GET /oam/server/HeartBeat HTTP/1.1\r\nHost: \r\nConnection: Close\r\n\r\n" time-until-up 0 timeout 16 }

 

The double slashes don't appear in the GUI where I entered the send and receive strings....

 

Using a Chrome Browser, going to the webserver url directly https://aninvtest01-oam-stg/oam/server/Heartbeat I get the following Request URL:https://aninvtest01-oam-stg/oam/server/HeartBeat Request Method:GET Status Code:200 OK Request Headersview parsed GET /oam/server/HeartBeat HTTP/1.1 Host: aninvtest01-oam-stg Connection: keep-alive Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.146 Safari/537.36 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Response Headersview parsed HTTP/1.1 200 OK Date: Mon, 19 May 2014 19:11:57 GMT Server: Apache X-ORACLE-DMS-ECID: 0000KOLtSBy3j4Q6ybaeMG1JU^TR0000C1 X-Powered-By: Servlet/2.5 JSP/2.1 Content-Length: 0 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/plain

 

I must be missing something in the syntax of my send or receive string as it is marking the server as down...

 

11 Replies

  • yes, and both work.... so that would cut my number of monitors in half... I have a prod url, and 3 different testing sites (one for uat, the stg one where prod fixes are tested, and a -sys for development