CSS 11501 redirect string

Unanswered Question
Sep 18th, 2008

I have a CSS with services set up for a Primary/Failover scenario with our web servers.

The primary server takes all requests on port 80, if that service dies, the inbound requests go to the secondary server.

The content rule is set up as:

Content = myweb.com

primarySorryServer = myweb_DR.com

secondarySorry = redirect to a third server

The CSS is only doing DNS name resolution for the third server, basically just pointing to a url.

The Content and PrimarySorryserver are working ok.

The secondarySorryserver is working ok as well.

I need to know if I do not have the SSL module in the CSS, will it point the requests to an https web page?

I would like to redirect this page to a s


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (3 ratings)
Syed Iftekhar Ahmed Thu, 09/18/2008 - 14:38

I couldn't understand clearly what your question is.

If you are asking if its possible to redirect an HTTP request to HTTPS request without SSL module then yes you can do it. SSL module is only needed when you need to offload SSL on CSS.

If you have a Layer 4 rule configured that listens on port 443 and and only your servers are doing the SSL offloading then you dont need SSL module. In this case you can redirect hhtp requests to HTTPS without SSL module

an example would be

service http-to-https-APP1

keepalive type none

type redirect

no prepend-http

domain https://www.App1.com


content APP1-redirect

vip address

protocol tcp

port 80

url "/*"

add service http-to-https-APP1


You should have a Layer4 content rule waiting for these https://www.app1.com requests.


Syed Iftekhar Ahmed

wilson_1234_2 Fri, 09/19/2008 - 04:23

That was my original problem, the redirect string would only allow me to enter http.

This happens to be a secure login screen for our customers, so it has to be redirected to an https login page (the reason for the long string) if the other two server are not available.

The "domain" worked and would have redirect me to the secure login page, but the CSS would not take the "?" character.

I pasted the string in the service and did not notice it did not get entered, when I tried the page during test, I have everything in my browser needed to take me to the log in page except the "?", so I got "Page cannot be displayed".

But it was an https string.

Syed Iftekhar Ahmed Fri, 09/19/2008 - 05:03

redirect-string command should let you use https.

Following is a valid command under redirect type service

service xyz

port 80

protocol tcp

no prepend-http

keepalive type none

type redirect

redirect-string "https://www.xyz.com"

ip address


wilson_1234_2 Fri, 09/19/2008 - 10:20

It looks like I still cannot enter the question mark character (?) in the redirect string either.

Any idea why this character is not allowed?


This Discussion