Forum Discussion

mat_d's avatar
mat_d
Icon for Nimbostratus rankNimbostratus
Nov 15, 2021

Configuration the tomcat on existing IIS instance

I'm looking for some help with configuring the vs for Tomcat and SSL.

 

I have a windows server instance with IIS. This server serves one application and this work fine - on f5 I've configured the certificate for this service, also I have configured two virtual servers. The first one is for HTTP traffic and redirects to HTTPS, and the second, handle traffic for HTTPS.

But now it is the difficult part

On the same Windows Server, I must install Tomcat to serve extra and important features for this app. Tomcat must be working on ports 8080 and 8443 (and this port should have SSL). 

So I created the new virtual server on f5, I named him "myapp_tomcat_http" (for 8080) destination address I used the same as for the IIS service (because it is the same windows server instance) and service port I used 8080. I did the same for the pool on f5. When I type in my browser server IP and port 8080 it's working.

But I have a problem with the correct configuration for the 8443 port. I have configured pool on the f5, on vs myapp_tomcat_https I fill the server address, port, in SSL profiles I chose the appropriate profiles and I don't know what next. I think I must create a new iRule for using SSL and redirect everything after "/", but I don't know what to do...

 

I will be very glad for any help.

 

3 Replies

  • When the backend pool member port/service is also encrypted or secure, you also need to configure the server SSL profile on the vServer along with client SSL profile. Basically server ssl profile handles the SSL session between F5 and the backend pool member. Please confirm if you have configured this?

  • mat_d's avatar
    mat_d
    Icon for Nimbostratus rankNimbostratus

     thanks for your reply! I had properly configured SSLs because different services working properly.

    I get help from my mate and we solved my problem - I used 8080 pool for 8443 vs, this caused that I have encrypted connection between host and server