09-18-2008 06:26 AM
I have a CSS with services set up for a Primary/Failover scenario with our web servers.
The primary server takes all requests on port 80, if that service dies, the inbound requests go to the secondary server.
The content rule is set up as:
Content = myweb.com
primarySorryServer = myweb_DR.com
secondarySorry = redirect to a third server
The CSS is only doing DNS name resolution for the third server, basically just pointing to a url.
The Content and PrimarySorryserver are working ok.
The secondarySorryserver is working ok as well.
I need to know if I do not have the SSL module in the CSS, will it point the requests to an https web page?
I would like to redirect this page to a s
The
09-18-2008 02:38 PM
I couldn't understand clearly what your question is.
If you are asking if its possible to redirect an HTTP request to HTTPS request without SSL module then yes you can do it. SSL module is only needed when you need to offload SSL on CSS.
If you have a Layer 4 rule configured that listens on port 443 and and only your servers are doing the SSL offloading then you dont need SSL module. In this case you can redirect hhtp requests to HTTPS without SSL module
an example would be
service http-to-https-APP1
keepalive type none
type redirect
no prepend-http
domain https://www.App1.com
active
content APP1-redirect
vip address 10.10.10.111
protocol tcp
port 80
url "/*"
add service http-to-https-APP1
active
You should have a Layer4 content rule waiting for these https://www.app1.com requests.
HTH
Syed Iftekhar Ahmed
09-18-2008 03:30 PM
Yes, you understood correctly and this works.
But,
I have a questionmark in my redirect string:
domain https://www.mystring.com/cgi-bin/000.cgi?START
The css is not allowing me to enter the questionmark in the string.
It seems that this is the only character I cannot add, is this by design?
09-18-2008 03:46 PM
With the domain command, the CSS prepends the domain to the original requested URL.You should be fine just using domain https://www.mystring.com
If your request url is different and you want to redirect it to a diff url then dont use domain command. Use
redirect-string www.abc.com/ss/s.asp
HTH
Syed Iftekhar Ahmed
09-19-2008 04:23 AM
That was my original problem, the redirect string would only allow me to enter http.
This happens to be a secure login screen for our customers, so it has to be redirected to an https login page (the reason for the long string) if the other two server are not available.
The "domain" worked and would have redirect me to the secure login page, but the CSS would not take the "?" character.
I pasted the string in the service and did not notice it did not get entered, when I tried the page during test, I have everything in my browser needed to take me to the log in page except the "?", so I got "Page cannot be displayed".
But it was an https string.
09-19-2008 05:03 AM
redirect-string command should let you use https.
Following is a valid command under redirect type service
service xyz
port 80
protocol tcp
no prepend-http
keepalive type none
type redirect
redirect-string "https://www.xyz.com"
ip address 127.0.0.1
active
09-19-2008 10:20 AM
It looks like I still cannot enter the question mark character (?) in the redirect string either.
Any idea why this character is not allowed?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide