Forum Discussion
Stanislas_Piro2
Cumulonimbus
Hi,
In your irule, you add only one header, X-Forwarded-Proto or X-Forwarded-Port (else if statement).
Evaluate port 443 is not the best way to test if protocol is HTTPS. Evaluate SSL::mode instead.
Try the following irule.
when HTTP_REQUEST {
if { [SSL::mode] == 1 } {
if {!( [HTTP::header "X-Forwarded-Proto"] eq "https") }{
HTTP::header insert X-Forwarded-Proto "https"
}
if { !( [HTTP::header exists "X-Forwarded-Port"]) }{
HTTP::header insert X-Forwarded-Port [TCP::local_port]
}
}
prvndeshmukh25
Mar 10, 2023Nimbostratus
Getting an error about
01070151:3: Rule [/Common/x-Forwarded-Proto] error: /Common/x-Forwarded-Proto:2: error: [undefined procedure: ssl::mode][ssl::mode]
- Mar 10, 2023
Are you decrypting on the way in?
So you have a client ssl profile set? and more importantly the f5 can see the request coming in so it can add the header? To me its trying at add the header but ssl/encryption is in the way.- prvndeshmukh25Mar 10, 2023Nimbostratus
Actaully instead of client ssl, trying iRule configuration as per script given above but getting an error which shared earlier..