NimbostratusTrying to create a HTTPS to HTTP redirect irule to force incoming S connections to use the http vip. I just tried to copy the built-in HTTPS>HTTP irule, but it did not like that. Any suggestions?
Thanks
EmployeeHow does it fail?
when HTTP_REQUEST {
HTTP::redirect "http://[HTTP::host][HTTP::uri]"
}
Do you have a client SSL profile applied to the VIP?
NimbostratusI admit I was reliant on the sharepoint resource to tell me if it was working or not. They simply said it wasn't directing to the page. No SSL profiles.
EmployeeIf you have a VIP listening on HTTPS/port 443, you need an HTTP profile and client SSL profile in order to use this iRule.
AltostratusWhat's the rationale for redirecting from HTTPS to HTTP? If it's merely to satisfy a back-end requirement you might be able to host the instance by terminating HTTPS on the BIG-IP:
client <----HTTPS----> big-ip <----HTTP----> origin web serversagree on the HTTP profile, not on the SSL profile since it's coming in unencrypted. Probably should have mentioned that also.
If a user types into the browser URL, the browser is going to attempt to do SSL. There's really no way around this. So in order to catch layer 7 HTTP requests on a VIP listening on port 443 for HTTPS requests, you need to be able to terminate the incoming SSL with a client SSL profile.