Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

HTTPS to HTTPS redirect

If we are doing SSL offloading for a particular VIP with a URL value of "/*" is it possible to create a content rule to redirect for the same VIP but a different URL value, i.e. "/test"? I've tried various redirect scenarios: redirect in the content rule and using a service with a redirect-string. It seems that every HTTPS request for the VIP will only match the content rule with URL "/*".

I'm trying to get the below to work.

content test-rule

vip address x.x.x.x

protocol tcp

port 443

application ssl

add service ssl_service

url "/*"

active

content test-rule-redirect

vip address x.x.x.x

protocol tcp

port 443

application ssl

redirect "https://test.domain.com/test/"

url "/test"

active

content test-rule-redirect2

vip address x.x.x.x

protocol tcp

port 443

application ssl

redirect "https://test.domain.com/test/"

url "/"

active

Note: The two redirect rules purposely don't have wildcards in the url lines.

2 REPLIES
Bronze

Re: HTTPS to HTTPS redirect

This will never work with this setup, reason:

You are supplying a url to an ssl content rule the content is at that time still encrypted so the css can not read the url.

Solution:

Create an ssl content rule that gives traffic to an ssl server and in the ssl server refer back to an http conten rule where you then specify the redirect because at that time the ssl is unencrypted.

content test-rule

vip address x.x.x.x

protocol tcp

port 443

application ssl

add service ssl_service

active

content test-rule-redirect

vip address x.x.x.x

protocol tcp

port 80

redirect "https://test.domain.com/test/"

url "/test"

active

New Member

Re: HTTPS to HTTPS redirect

That makes sense. I forgot that the hostname/domain name portion of the URL is unencrypted while the rest of the URL is encrypted when using SSL.

Thanks for your help!

492
Views
4
Helpful
2
Replies
CreatePlease login to create content