Forum Discussion

pwoll_74049's avatar
Icon for Nimbostratus rankNimbostratus
Dec 13, 2011

WebDAV and SSL Problem

I am implementing a document management system (OpenText) with SSL offload on the LTM. I have an iRule that sends a redirect to https for any http traffic. The redirect works fine until WebDAV starts being used. In captures, I see the browser sending, for example, with HEAD /contentserverdav/License.pptx HTTP/1.1\r\n. The LTM sends a redirect with Location:\r\n. But the browser ignores the redirect. Any information you could provide on whether this is normal, or ways to make SSL work with WebDAV would be greatly appreciated.


2 Replies

  • Hi,



    I'm not familiar with the OpenText app, but here are a few possible solutions in order of efficiency for LTM:



    Set a native OpenText configuration option which tells the web app that it should refer to itself using https:// instead of http:// references. This is something you could check OpenText documentation for. I assume most web apps support SSL proxying by now.



    Configure LTM to insert an HTTP header which LTM inserts which tells the web app that it should refer to itself using https:// instead of http:// references.



    Use an iRule and stream profile to rewrite the response headers and content from http:// to https:// so that the client will make requests to https:// only.



  • Thanks to your help, I was able to resolve this. I used the third approach above to use an iRule to rewrite the responses as follows:



    when HTTP_RESPONSE {



    Check if response type is text


    if {[HTTP::header value Content-Type] contains "text"}{



    Replace http:// with https://


    STREAM::expression {@}


    Enable the stream filter for this response only







    Check if server response is a redirect


    if { [HTTP::header is_redirect]} {


    Log original and updated values


    log local0. "Original Location header value: [HTTP::header value Location],\


    updated: [string map -nocase "http:// https://" [HTTP::header value Location]]"



    Do the update, replacing http:// with https://


    HTTP::header replace Location [string map -nocase "http:// https://" [HTTP::header value Location]]







    At first I thought that the second portion of this code to rewrite the Location entries was unnecessary. However, I learned that the stream profile does not affect the Location information, thus the addition. Elsewhere, I only had to enable the stream profile on the Virtual Server.