Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

F5 AppWorld 2024 session proposal deadline extended to Friday, December 8th!

HTTP redirect working but HTTPS not working

Go to solution
kalav
Nimbostratus
Nimbostratus

‎16-Nov-2020 07:06

Hi,

 

Another "new to iRules" question. Any assistance would be gratefully received.

 

I have two virtual servers configured to serve a small set of URLs. One listening on http with an iRule handling redirects to https, and one listening on https. I have a certificate issued to site.com with SAN DNS Name of site.com & www.site.com.

 

I can reach the URL if I type in site.dk. I am redirected to https://site.com. if I try https://site.dk I get a certificate error. I can OK the error in the browser and am served the correct page, but the certificate error stays (valid certificate for site.com) and so does the address https://site.dk.

 

Same for site2.com.

 

The iRule I have configured is only on my http virtual server, as follows:

 

when HTTP_REQUEST {

 if { [HTTP::host] equals "www.site.dk" or [HTTP::host] equals "site.dk"} {

  HTTP::respond 301 Location "https://site.com[HTTP::uri]" }

 elseif { [HTTP::host] equals "www.site2.com" or [HTTP::host] equals "site2.com"} {

  HTTP::respond 301 Location "https://site.com[HTTP::uri]" }

 elseif { [HTTP::host] equals "www.site.com" or [HTTP::host] equals "site.com"} {   

  HTTP::respond 301 Location "https://site.com[HTTP::uri]

}

}

 

Is the above enough information to shed light on the issue?

 

Many thanks!

Kev

Labels:
0 Kudos
1 ACCEPTED SOLUTION

Go to solution
PeteWhite
F5 Employee
F5 Employee

‎18-Nov-2020 04:25

this is related to the sites which your certificate covers - in this case it should cover www.site.dk, site.com and site2.com. Or you can have a cert for www.site.dk and from that virtual server you can redirect to www.site.com. Basically, tie up the cert SAN names with the requested FQDN

View solution in original post

0 Kudos
2 REPLIES 2

Go to solution
PeteWhite
F5 Employee
F5 Employee

‎18-Nov-2020 04:25

this is related to the sites which your certificate covers - in this case it should cover www.site.dk, site.com and site2.com. Or you can have a cert for www.site.dk and from that virtual server you can redirect to www.site.com. Basically, tie up the cert SAN names with the requested FQDN

0 Kudos

Go to solution
kalav
Nimbostratus
Nimbostratus
In response to PeteWhite

‎18-Nov-2020 13:57

Right. That makes sense to me! I don't control the certificates but if they don't cover all of the sites we're trying to serve then an error would be thrown up. Thanks for the answer.

0 Kudos
Copyright © 2023 Khoros, LLC