Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
453
Views
0
Helpful
3
Replies

CSs 1103 SSl - Loadballancing to Oracle DB servers.

ravi.saini
Level 1
Level 1

‎02-18-2004 06:04 AM

Hi

I have a basic configuration. The css terminates ssl to a Vip address which is essentially to a oracle database server.

Are there any pitfalls that I need to be aware of when using the css (ssl) Vip with an oracle database as the service??

Some errors that I am seeing:-

Initially when I try to access the db the https service appears to work fine.

When I log in, a warning is presented that the site contains both secure and unsecure web pages.

when I accept this the page loads up, but further links are not available ie, page not found.

Now when the same is tried with an http only service on the css the service works fine.

I have also tried the 'urlrewrite * any' command.

Cheers

Labels:
0 Helpful
3 Replies 3

Gilles Dufour
Cisco Employee
Cisco Employee

‎02-18-2004 08:26 AM

you can use ssldump on the client with the private key of the SSL module.

This will give you in clear text the response from the CSS to the client.

You can therefore see the redirect and other links and see if the urlrewrite function works correctly.

I personally think this is where to look for - the urlrewrite.

The ssldump tool is available at :

http://www.rtfm.com/ssldump/

Regards,

Gilles.

0 Helpful

ravi.saini
Level 1
Level 1
In response to Gilles Dufour

‎02-23-2004 11:15 AM

Hi, I have some more info:-

( i have tried to use the ssldump tool without much luck)

The server is running Oracle applications 11i. The HR module is Oracle 8.0.6. This is all set up on one box.

Now Under HTTP everything works fine.

With HTTPS the initial loggon screen if fine.

As soon as users loggon Errors are given. The graphics fail to load, and subsequent links return errors.

The oracle box is configured with services pointing to different ports ( as you drill down through the menues)

ie formserver on 9000

oracle.hr/local:9000/blahdeblah.

The configuration that I have used accepts all url's.

I can send a copy of the config to confirm.

0 Helpful

ravi.saini
Level 1
Level 1
In response to ravi.saini

‎02-24-2004 02:05 AM

Could it be that all services are setup on the one box? Ie oracle web on ports 80 then internal links to other ports, and the css does not like this set up.

Should I be considering a two tier architecture; ie ssl from client to css ( terminated) then to a front end web server. This front end web server will then talk to whatever oracle service required on the backend?

Does anyone have any thoughts or should the fact that the oracle HR service is set up on one box make no difference.

Any help would be appreciated.

0 Helpful
Customers Also Viewed These Support Documents