Forum Discussion

weblead_151334's avatar
weblead_151334
Icon for Nimbostratus rankNimbostratus
Apr 04, 2015

Assistance needed-weblogic to get https from BIG IP F5

weblogic11G is fronted with BIG IP F5 & there are 20 weblogic nodes at present LTM doing the SSL offload(No SSL Profile (Server) due to which weblogic not getting https request from LTM & Site has two virtual servers profile_abc.com_http & profile_abc.com_http (http as well as https) with default http pool tied to both virtual servers & one connect enabled https profile has Insert X-Forwarded-For & Request Header Insert (original-protocol-https) enabled

 

The ultimate goal is to disable the SSL offload so that weblogic gets the https request

 

Is that can be achieved just by disabling SSL offload over F5 ?

 

I rule as follows

 

when HTTP_REQUEST { switch -glob [string tolower [HTTP::uri]] { "/" { log local0. "redirecting from /" if { [class match [virtual] equals dg_set_default_pools_and_root_uri ] } { persist none

 

HTTP::respond 301 Location [lindex [split [class match -value [virtual] equals dg_set_default_pools_and_root_uri] ","] 2] pool [lindex [split [class match -value [virtual] equals dg_set_default_pools_and_root_uri ] ","] 0] log local0. "Went to root ( / ), index 0 - abc pool after index 2 url set with 301" } else { log local0. "Static pool entry for xxxx[LB::server pool] not created yet" reject } return }

 

application delivery
LTM
security

3 Replies

Sort By
  • weblead_151334's avatar
    weblead_151334
    Icon for Nimbostratus rankNimbostratus
    Apr 04, 2015

    Once we disable SSL offload over F5 guess weblogic will get https as request once we weblogic gets https request what is required over weblogic to send the response over https what change is desired over f5/weblogic to serve the response header https from weblogic ? Any help will be appreciated

     

  • weblead_151334's avatar
    weblead_151334
    Icon for Nimbostratus rankNimbostratus
    Apr 04, 2015

    The load balancer after terminating SSL goes to the http listener on the weblogic nodes Environment: There is a load-balancer BIGIP F5 at the front-end where HTTPS is terminated. The HTTP traffic is then load-balanced to the WLS cluster The nature of the environment means that HTTPS is not enabled on the load-balancer now all redirects come back http even though the user may have an https session

     

  • Eric_St__John's avatar
    Eric_St__John
    Icon for Employee rankEmployee
    Apr 05, 2015

    Enable Redirect Rewrite on the HTTP Profile that is assigned to the virtual server. That will rewrite all redirects that contain http:// to https://