Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

handle ssl and non ssl on the same virtual server and port

Alexey_Beketov
Nimbostratus
Nimbostratus

‎11-Nov-2021 04:04

Hi!

We have new(ssl) and legacy(non ssl) client applications, both need to connect to the same virtual server and the same 443 port.

Backend server uses plain http.

So we need LTM to accept both ssl / non ssl connections from clients on the same 443 port of the same virtual server and forward them to the backend application.

We tried irules with no success.

Is there any chance we can manage this situation on the LTM side?

 

We have BIG-IP 14.1.2.3 Build 0.0.5 Point Release 3

Labels:
0 Kudos
3 REPLIES 3

Fallout1984
Cirrocumulus
Cirrocumulus

‎11-Nov-2021 06:42

How were the irules configured? Basically, what were they being told to do?

 

If the incoming traffic's port 80 (non-SSL) and it can't be redirected to 443, then a port 80 vserver will be needed. So, you're going to end up with two vservers; one using port 80, one using port 443.

 

 

0 Kudos

xuwen
MVP
MVP

‎11-Nov-2021 17:52

Local Traffic  ››  Profiles : SSL : Client >>Configuration(Advanced)>>Non-SSL Connections(enable),

use iRules to traffic non ssl to redirect https:

when CLIENTSSL_CLIENTHELLO {

set need_ssl 1

}

when HTTP_REQUEST {

if { ![info exists need_ssl] } {

HTTP::redirect "https://[HTTP::host][HTTP::uri]"

}

}

 

jaikumar_f5
MVP
MVP

‎18-Nov-2021 03:51 - last edited on ‎24-Mar-2022 01:13 by Fog

 

 

Its very well in detail explained in this article.

Handling HTTP Requests on an HTTPS Virtual Server

 

0 Kudos
Copyright © 2023 Khoros, LLC