I have a problem, with an https redirect on my ACE. Users are recieving a Certificate error if they browse to the link https://mysite.com, if they accept the error they are redirected to https://www.mysite.com. The cert is setup for the URL www.mysite.com, which is why the error is generated. I opened a TAC case they told me;
" I believe there is no way around it. This is because we decrypt the traffic first, then we do the redirect to https://www.mysite.com. So the user will see the certificate error before hitting the redirect. This has to do with the way or domain that was used to create the certificate."
Below is my config, let me know if you have any sugggestions.
class-map type http loadbalance match-all HOST1 2 match http header Host header-value "mysite.com"
The quote from the TAC engineer is right, the probblem is that when the user goes to https://mysite.com the request is first decrypted and then L7 inspected.
The cert error is expected, when you indicate the FQDN on your CSR that's the only domain you're buying the SSL certificate for. The workaround you're looking for is called SAN (Subject Alternative Name) certificate, this kind of certificate would allow you to add different flavors of your domain under the same SSL file with a little extra charge (around 50 bucks I think). You may want to get back at your certificate authority and check if they can re-sign the certificate but make it SAN this time. SAN certificates are compatible with the ACE app/module.
Introduction This article will help you understand the steps on how to
download the UCS licenses from the Cisco Systems website and then
installing it on the UCS. The redacted (blue lines) just covers up
certain numbers for privacy please do not take them...
Introduction This article will help you understand and educate the
customer on how to clear their "expired licenses"
(license-graceperiod-expired) from their UCS-M. If a customer just
purchased a license and needs a step by step guide on how to download
==================== VIC FNIC driver does not support Virtual Volumes (
second level LUN ID ) An enhancement request has been created to track
this feature - CSCux64473 UPDATE - 12-14-2016 We made some traction on
the enhancement request - The Fix is in t...