Forum Discussion

Micky_Hertford's avatar
Micky_Hertford
Icon for Altostratus rankAltostratus
Apr 19, 2021
Solved

HTTP and HTTPS from same VS

Hi, is it possible (and if so some advice for a newbie) to have a virtual server listening on port https and depending on the url, forwarding on either http or https to the pool.

 

so https://site.com/url1 is forwarded to the pool on https but requests to https://site.com/url2 would be forwarded to the pool on http.

 

Many thanks for your time..

  • Yes. there are many ways to do it. serverssl can be selectively enable or disable for the urls.

    E.g. one of the option is to apply serverssl on the VIP and disable it for /url2.

    iRule option:

    when HTTP_REQUEST {
    	    switch -glob [string tolower [HTTP::uri]] {
    	    	"/url1*" 
    			{
    		    pool https_pool
    	    	}
    	    	"/url2*" 
    	        {
    			SSL::disable serverside
    		        pool http_pool
    	    	}  default {
              return
    	    }
          }
    }

    ltm policy option:

    rule 1-

    http uri --> path starts with --> /url1 --> at request

    action: forward traffic to https_pool

    rule2;

    http uri --> path start with --> /url2

    action1: disable server ssl --> at request

    action2: forward traffic to http_pool

2 Replies

  • Yes. there are many ways to do it. serverssl can be selectively enable or disable for the urls.

    E.g. one of the option is to apply serverssl on the VIP and disable it for /url2.

    iRule option:

    when HTTP_REQUEST {
    	    switch -glob [string tolower [HTTP::uri]] {
    	    	"/url1*" 
    			{
    		    pool https_pool
    	    	}
    	    	"/url2*" 
    	        {
    			SSL::disable serverside
    		        pool http_pool
    	    	}  default {
              return
    	    }
          }
    }

    ltm policy option:

    rule 1-

    http uri --> path starts with --> /url1 --> at request

    action: forward traffic to https_pool

    rule2;

    http uri --> path start with --> /url2

    action1: disable server ssl --> at request

    action2: forward traffic to http_pool