09-24-2007 05:21 PM
If we are doing SSL offloading for a particular VIP with a URL value of "/*" is it possible to create a content rule to redirect for the same VIP but a different URL value, i.e. "/test"? I've tried various redirect scenarios: redirect in the content rule and using a service with a redirect-string. It seems that every HTTPS request for the VIP will only match the content rule with URL "/*".
I'm trying to get the below to work.
content test-rule
vip address x.x.x.x
protocol tcp
port 443
application ssl
add service ssl_service
url "/*"
active
content test-rule-redirect
vip address x.x.x.x
protocol tcp
port 443
application ssl
redirect "https://test.domain.com/test/"
url "/test"
active
content test-rule-redirect2
vip address x.x.x.x
protocol tcp
port 443
application ssl
redirect "https://test.domain.com/test/"
url "/"
active
Note: The two redirect rules purposely don't have wildcards in the url lines.
09-24-2007 09:58 PM
This will never work with this setup, reason:
You are supplying a url to an ssl content rule the content is at that time still encrypted so the css can not read the url.
Solution:
Create an ssl content rule that gives traffic to an ssl server and in the ssl server refer back to an http conten rule where you then specify the redirect because at that time the ssl is unencrypted.
content test-rule
vip address x.x.x.x
protocol tcp
port 443
application ssl
add service ssl_service
active
content test-rule-redirect
vip address x.x.x.x
protocol tcp
port 80
redirect "https://test.domain.com/test/"
url "/test"
active
09-25-2007 08:09 AM
That makes sense. I forgot that the hostname/domain name portion of the URL is unencrypted while the rest of the URL is encrypted when using SSL.
Thanks for your help!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: