Hi John,
it can be done by using just one Virtual Server, but the configuration is more complex and also less performant compared to use two independent Virtual Servers. So I would recommend to use two independent Virtual Servers for your current task...
Well, if still want to use a single Virtual Server accessible via HTTP:8080 and HTTPS:9000, then configure the Virtual Server to listen on every TCP port (aka. TCP:*) and then use an iRule (triggered on every new connection attempt) to perform a configuration change for the ongoing connection, based on the requested port number.
when CLIENT_ACCEPTED {
if { [set local_port [TCP::local_port]] eq "8080" } then {
SSL::disable clientside
} elseif { $local_port eq "9000" } then {
Use the default settings of the virtual server
} else {
reject
}
}
when HTTP_REQUEST {
if { $local_port eq "8080" } then {
HTTP::redirect "https://[getfield [HTTP::host] ":" 1]:9000[HTTP::uri]"
} else {
insert additional iRule code here as needed or just rely on the default settings of the virtual server
}
}
Note: Your the settings of the Virtual Server should be the onces for HTTPS::9000 and keep in mind to attach a Client_SSL_Profile to this Virtual Server.
Cheers, Kai