Forum Discussion
Once the HTTPS session is built, there won't be any possibility of seeing the traffic unless it gets decrypted. Then the redirection should be pointed at port 443 on the HTTP VIP. So it appears, you will have to create three VIPs in the following fashion.
VIP:80 ; VIP:443 ; VIP:9443 ;
Traffic would hit on 443, get decrypted on 80 and then again get encrypted for 9443. Please let me know how it goes.
- Kevin_Davies_33Oct 20, 2017Nimbostratus
Amy this is not correct. The traffic on the 443 virtual server is decrypted with the cert as shown by client SSL.
- Amresh008Oct 23, 2017Nimbostratus
Hi Kevin,
I have tested the irule config and it did not work. Also, I referred the dev central link which is - https://devcentral.f5.com/questions/need-help-with-redirect-https-to-http.
Please go through Deb Allen's comments on this link.
- Kevin_DaviesOct 23, 2017MVP
Amy,
We have two distinct virtual servers, no wildcards. We are redirecting https to https. The original post indicates we want to redirect from 443 to 9443. If you apply my iRule above to the first virtual server it will decrypt the client traffic then send a 302 redirect to the client to the same destination on port 9443 using https. The client will then follow that redirect and establish a new connection to port 9443 and the traffic will continue on to the pool member.
Please can you explain to me where the problem is?
- Amresh008Oct 23, 2017Nimbostratus
Hi Kevin,
I am in a similar situation, wherein I have two VIPS, VIP1:443 & VIP2:443. They have different IP addresses, but I can have them on a single IP address as well, if required. I need the redirection https://abc.com to https://xyz.com, where abc and xyz are the DNS hostnames for VIP1 & VIP2. Please note that even when they have the same IP address, the hostnames would remain different. If it's possible, could you please share the irule for the same.