I have VS port 443 (using SSL) and pool member 80. (IP VS 192.168.x.x:443 --> pool member 10.45.x.x:80 )
When client access port 443 at homepage still 443, but when user login to the homepage, its redirected from 443 to http (80). When I dump, the response from server is true (respons 443 TLS) because F5 respons must be 443.
The problem is why the user after login to the homepage redirected to HTTP, not HTTPS ?
We can't using this step:
1. we cannot change the pool member port 80 to member 443 because port 80 still use for internal application, so we cannot create redirected VS http to https.
2. Server can be change from 80 to port 443 because have not received permission from the client management.
So the question is :
Any irules to change the respons server to https when user login to the homepage ???
Hi @Satriaji , Till now I do not see the issue exists on servers , also it is not doable for me to redirect server Responses to https.
>If you use client ssl , your traffic should return to clients Encrypted. > Traffic should be returned from server to F5 Decrypted due to non existance of server ssl profile. > if you were redirected after login , maybe you were redirected to another virtual serer using port 80.
> Are there any changes in your "hostname" After Loging directly , maybe the homepage redirects you to another domain after loging in. so I susbect that your Requests are un trusted after loging in against this Client ssl not server.
I think the issue is still wiith Client ssl
you can clarify more if you need , I will follow up
@Satriaji , Alright then. it’s a strange behavior to me. ِAnyway , I would Recommend to create new http virtual server , and assign a redirection iRule from http to https to force redirection of https always in path. > when login and redirected to non secure http , you should be redirected again by the( new created virtual server + assigned Redirection iRule " http ــــ> https " use the default one ) > This below Redirection irule for the " new http virtual server "
when HTTP_REQUEST {
HTTP::redirect https://[getfield [HTTP::host] ":" 1][HTTP::uri]
}
The VS port 80 have been used for internal application, so we cann't create IP VS port 80. (cannot using step 1 to create VS port 80 then assign the irules_sys_redirect_https) because that IP VS & port 80 have been used.
So when the client access https://abc.com --> homepage become http://abc.com , so we must add or manually add "https://" in the browser so the app can be open.
Thanks @Leslie_Hubertus , @Satriaji shared with me a very good Article so I read it well and I found it very helpful to solve his issue. I mean in my reply his KB Article.
