Hi Raj,
If you have an 'any port' virtual server that can receive HTTP and HTTPS traffic you can add a client SSL profile and then disable it for requests to an HTTPS port. Assuming you have a pool defined on port 0 (any), you can use a rule like this:
when CLIENT_ACCEPTED {
Check the requested port
switch [TCP::local_port] {
80 {
HTTP request, redirect to HTTPS using the same URI
Check if Host header value has a length
if {[string length [HTTP::host]]}{
Redirect to the requested host and URI (minus the port if specified)
HTTP::redirect https://[getfield [HTTP::host] ":" 1][HTTP::uri]
} else {
Redirect to VIP's IP address
HTTP::redirect https://[IP::local_addr][HTTP::uri]
}
}
443 {
HTTPS request. Disable client SSL profile to prevent decryption
SSL::disable
}
default {
Request to undefined port. Take some default action?
Send a reset?
reject
Drop the request?
drop
}
}
}
If this doesn't work as you'd expect for your scenario, you can add debug logging to determine what's happening.
Aaron