stevelee_88077
Jul 20, 2011Nimbostratus
help with http to https rediect - XenDesktop
Big-IP LTM 1600 10.2.2 (763.3)
Hello
I've been through the setup guide for XenDesktop http://www.f5.com/pdf/deployment-guides/ltm-citrix-xendesktop-dg.pdf
This all went fine and we are offloading SSL at Big-IP. The site loads fine over https, however I want to redirect any client requests from http to https. I've used this forum and added this to my setup: http://devcentral.f5.com/wiki/default.aspx/iRules/Redirect_non_ssl_requests_on_ssl_vs_rule.html
So now I have a VS on 443 (https) with the following iRule:
when HTTP_REQUEST {
Check if the client used an SSL cipher
if {not ([catch {SSL::cipher version} result]) && $result ne "none"}{
Client did use a cipher log local0. "\$result: $result. Allowing encrypted request."
} else {
Client did not use a cipher log local0. "\$result: $result. Redirecting unencrypted request."
HTTP::redirect https://xen.mysite.com } }
I've also changed the SSL Profile (Client) to allow "Non-SSL Connections" as per the above article.
https://xen.mysite.com loads fine and I can see traffic through Big-IP
http://xen.mysite.com does not redirect to https and I get page connot be displayed error. (in Chrome its Error 102 (net::ERR_CONNECTION_REFUSED)
If I take Big-IP out of the equation and go directly to the Cirtix XenDesktop web it works over both 80 and 443. I can also get it to work over 80 via Big-IP if I change the VS to 80.
Is there something wrong with the iRule or have I missed something in the config?
Many thanks in advance for any help you can provide!