Can anyone please advise on the following? I have tried a stream profile http:// >> https:// and also tried an iRule found on here which apparently was successful, but maybe slightly different to my requirements.
I have a VS setup listening on 443/HTTPS, backend servers are unencrypted on port 8080. If I set the VS to unencrypted port 80, everything works perfectly. If I switch the VS back to 443/HTTPS (with client SSL profile assigned) and monitor the session in Chrome dev tools, I notice a comment around 'a form contains an insecure endpoint (http://VS IP etc.)
Would this need to be corrected in an iRule and if so any clues on the required syntax? It seems like it is ultimately coming from the backend server, but this is a live system which I cannot tweak.
I should have mentioned also, if I set the backend to https all works fine. But I would like the backend to be unencrypted and the F5 taking the weight, also obviously it is only one cert change I need to do when it comes to renewal!
08-Dec-2020 10:21 - last edited on 24-Mar-2022 01:18 by li-migration
Do you have VS listening on port 80 along with VS listening on port 443 where port 80 VS is just doing redirection from http to https (No pool attached behind port 80 VS)? If not, you can try it out and check if it fix your issue.
Ref. Article - https://support.f5.com/csp/article/K10090418