Basically, I use SSL termination on CSS's SSL module and it seems no work for the web server using tomcat. The tomcat server insists to use http, not https. (The server always indicate client to query a URL with http head, not a URL with https head.)
Is it possible to change the behavior from CSS? My configuration is:
ssl-server 19 vip address 10.1.1.19
ssl-server 19 rsakey testRSAkey
ssl-server 19 rsacert testCAcert
ssl-server 19 cipher rsa-with-rc4-128-sha 10.4.98.19 81
ip address 10.3.3.29
keepalive type tcp
keepalive port 8080
vip address 10.1.1.19
add service ssl-slot3-srv
vip address 10.2.2.19
add service test-backendserver-8080
Any comments will be appreciated
Thanks in advance
I do not see the benefit of doing backend ssl if the frontend is cleartext.
Unless the CSS is on the clientside and you want to go accross the internet to the server.
In this case, yes, backend ssl could be a solution.
But verify first with a sniffer trace what is going on.
your tomcat server is either using absolute path (so link like http://.....) in this case the only thing you can do is modify the server, or the tomcat server is sending a redirect to the client to http://....
The SSL-mod can intercept the redirect and rewrite it to HTTPS.
You need to add a command 'ssl-server 19 urlrewrite 1 * sslport 443 clearport 8080'
A sniffer trace would tell you why the client keeps using http.