Forum Discussion

Satriaji's avatar
Satriaji
Icon for Cirrus rankCirrus
Dec 24, 2022

How to redirect Https to Https respons ?

Hii Everyone,

I have a problem with our client application Web.

I have VS port 443 (using SSL) and pool member 80. (IP VS 192.168.x.x:443 --> pool member 10.45.x.x:80 )

When client access port 443 at homepage still 443, but when user login to the homepage, its redirected from 443 to http (80). When I dump, the response from server is true (respons 443 TLS) because F5 respons must be 443.

 

The problem is why the user after login to the homepage redirected to HTTP, not HTTPS ?

We can't using this step:

1. we cannot change the pool member port 80 to member 443 because port 80 still use for internal application, so we cannot create redirected VS http to https.

2. Server can be change from 80 to port 443 because have not received permission from the client management.

 

So the question is :

Any irules to change the respons server to https when user login to the homepage ???

Thankyou.

application delivery
cloud
devops
http to https
iRules
security

9 Replies

Sort By
  • Mohamed_Ahmed_Kansoh's avatar
    Mohamed_Ahmed_Kansoh
    Icon for MVP rankMVP
    Dec 24, 2022

    Hi Satriaji , 
    Till now I do not see the issue exists on servers , also it is not doable for me to redirect server Responses to https. 

    >If you use client ssl , your traffic should return to clients Encrypted. 
    > Traffic should be returned from server to F5 Decrypted due to non existance of server ssl profile.
    > if you were redirected after login , maybe you were redirected to another virtual serer using port 80. 

    > Are there any changes in your "hostname" After Loging directly , maybe the homepage redirects you to another domain after loging in. 
    so I susbect that your Requests are un trusted after loging in against this Client ssl not server. 

    I think the issue is still wiith Client ssl 

    you can clarify more if you need , I will follow up

    • Satriaji's avatar
      Satriaji
      Icon for Cirrus rankCirrus
      Dec 24, 2022

      Dear Mohamed,

      Here the config 

      Server Farm

      ===========

      IP VS = 192.168.x.x port 443 (without use SSL profile at clientside profile)

      Pool member = 10.45.x.xx port 443 ( its use to IP VS DMZ )

       

      DMZ

      ======

      IP VS = 10.45.x.x port 443 (its used to IP pool member Serverfarm) using SSL client side profile

      Pool member= 10.43.x.x port 80 (server http)

       

      When the user access https://abcd/otcs/login the homepages still https, but after login using user name and password, the homepage : http://abcd/otcs/login . They want to still https when login.

       

      thankyou

       

       

      • Mohamed_Ahmed_Kansoh's avatar
        Mohamed_Ahmed_Kansoh
        Icon for MVP rankMVP
        Dec 24, 2022

        Satriaji  , Alright then. 
        it’s a strange behavior to me. 
        ِAnyway , I would Recommend to create new http virtual server , and assign a redirection iRule from http to https to force redirection of https always in path. 
        > when login and redirected to non secure http , you should be redirected again by the( new created virtual server + assigned Redirection iRule " http ــــ> https " use the default one ) 
        > This below Redirection irule for the " new http virtual server " 

         

         when HTTP_REQUEST {
       HTTP::redirect https://[getfield [HTTP::host] ":" 1][HTTP::uri]
    }

         

         

        Try it , I hope it works with you.