Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

Can you redirect https//domain.com to https://www.domain.com

ictengineer_124
Nimbostratus
Nimbostratus

‎17-Nov-2013 13:24

Is it possible to rediect https://domain.com to https://www.domain.com?

 

I've searched but couldn't get any answers or suggestion.

 

Thanks Mark

 

Labels:
0 Kudos
6 REPLIES 6

Kevin_Stewart
F5 Employee
F5 Employee

‎17-Nov-2013 13:33 - last edited on ‎01-Jun-2023 11:26 by Fog

Try this:

when HTTP_REQUEST {
    if { [string tolower [HTTP::host]] equals "domain.com" } {
        HTTP::redirect "https://www.domain.com"
    }
}

If you need to also preserve the URI in the request, use this instead:

HTTP::redirect "https://www.domain.com[HTTP::uri]"
0 Kudos

Vasim
Altostratus
Altostratus
In response to Kevin_Stewart

‎13-Jun-2023 05:34

Some one help provide irule for below

 

https://routing-schedules-pre.cma-cgm.com/Default.aspx 

should be redirected to https://iroute-pre.shipping-noprd.aws.cld.cma-cgm.com

0 Kudos

ictengineer_124
Nimbostratus
Nimbostratus

‎17-Nov-2013 16:08

Thanks Kevin. Will this work on redirecting https as well?

 

0 Kudos

Kevin_Stewart
F5 Employee
F5 Employee

‎17-Nov-2013 16:15

As long as you're offloading the SSL on the F5 with a client SSL profile, then yes.

 

0 Kudos

ictengineer_124
Nimbostratus
Nimbostratus

‎17-Nov-2013 17:38

Hi Kevin

 

We are offloading https://www.domain.com. We are not offloading https://domain.com (just need this to redirect to https://www.domain.com. Can this work?

 

0 Kudos

Kevin_Stewart
F5 Employee
F5 Employee

‎17-Nov-2013 17:50

If you cannot see the layer 7 (HTTP) traffic, then you also cannot write to it. So assuming www.domain.com and domain.com resolve to the same IP and F5 VIP, you basically have three options:

 

  1. Apply a wildcard certificate to the client SSL profile - *.domain.com

     

  2. Apply a SAN certificate to the client SSL profile - like a wildcard but specific to a list of server names in the subjectAltName field of the cert.

     

  3. If your clients are all capable of TLS (anyone using an OS/browser later than WinXP/IE6), you can use a TLS extension called SNI, or Server Name Indicator, where the client specifies the server name in its TLS CLIENTHELLO message. You could then create separate client SSL profiles, each with its own certificate, set the server name field in the profile to match the subject name of the certificate, and then apply all to the VIP. The VIP will choose the correct profile based on the client's request.

     

0 Kudos
Copyright © 2023 Khoros, LLC