selectively remove https

Question

Hi,
&nbsp;I have an app that uses both client and server side ssl,
&nbsp;but I have to stop the server side ssl for a certain uri (a webservice) but still keep the client side ssl, 
&nbsp;I've searched the forums but I cannot see how to do it as a redirect will not do. Any help is much appreciated, Thanks.&nbsp;

hooleylist · Answer

In the HTTP_REQUEST event on the clientside (client to BIG-IP), you can determine if the request is one you want to disable SSL for on the serverside (BIG-IP to node).  
Here's an example:
when HTTP_REQUEST {
   set usessl 1
   if { [HTTP::path] starts_with "/clear" } {
      set usessl 0
   }
}
when SERVER_CONNECTED {
   if { $usessl == 0 } {
      SSL::disable
   }
}
Else, I think you could use 'clientside' to force the evaluation of HTTP::path to the clientside context and do this in one event:
when SERVER_CONNECTED {
   log local0. "Requested path: [clientside {HTTP::path}]"
   if { [clientside {HTTP::path}] starts_with "/clear" } {
      SSL::disable
   }
}
If you have multiple URI's to disable encryption for, you might want to define them in a datagroup and then check the requested URI against the datagroup list.
Aaron

Forum Discussion

selectively remove https

1 Reply

Recent Discussions

Issue on license renewal

Maximum throughput of f5 ltm

iRule cookie persistence and pool redirect

redirect not working

Access azure app service using f5 LTM

Related Content

Selective mutual authentication by HTTP::Host

iRule to take cookie from HTTP Response into HTTP Request via table

Log Http Class Selection

Irule for www removal on https

Selective SNAT