Preserve Port on HTTP Redirect

gprintzgprintz Member

Hi Everyone:

We have an interesting issue we're trying to tackle. We have a Virtual Server with multiple virtual ports (http:80, https:443, https:4444, https:4445, etc). We currently have a working redirect script (similar to a lot of posts on here) for 80 to 443 and it is working fine for several of our virtual servers:

when HTTP_REQUEST {

HTTP::redirect "https://[HTTP::host][HTTP::uri]"

}

In this situation however, we have servers on the backend that are configured for multiple applications on different ports (each in separate service groups) with no discerning URI differences:

sg#1:4444 consists of

server1:4444

server2:4444

server3:4444

When hitting the Virtual Server via http on one of these non-standard ports, no redirect occurs using the above script.

"http://vip.mydomain.com:4444/someURI" should redirect to "https://vip.mydomain.com:4444/someURI"

Right now, users must explicitly specify 'https://'. Is there a reason this is happening? Does the script need to be adjusted, or is there another way to approach this via an HTTP template? Hopefully I'm explaining everything correctly.

Thanks!

Tagged:

Answers

  • mdunnmdunn Member

    I believe the issue here is that when the vPort is HTTPS, the SSL handshake must occur prior to HTTP_REQUEST event. Since the handshake doesn't occur, your aflex script never fires.

    That said, I'm not coming up with a workaround with only a single vPort. If you change the vPort to HTTP, you can apply the client-ssl template, but the SSL Context is not created, so server-hello is not sent back to client.

    I'll ponder this some more, but our L7 manipulation options are slim to none without the SSL handshake completing.

Sign In or Register to comment.