Matt and Aaron,
Thank you so much for your assistance. I managed to get it working. It has been a while since I setup the BigIP. With the exception of iRules I rarely have to change anything.
Two lessons I learned last night:
1. Don't use the same custom HTTP Profile for both your port 80 VS and your port 443 VS.
This is why when I modified my custom HTTP profile as suggested by Matt my non SSL apps started redirecting to SSL.
2. Don't expect all the iRule code posted on DevCentral to be error free ;-).
My attempt to use an irule instead of the check box in the HTTP profile lead me to this link on devcentral:
http://devcentral.f5.com/Default.aspx?tabid=63&articleType=ArticleView&articleId=220
At the bottom is the code I took and modified. There is an error in the "string map" function syntax used in this example. It took me some time to figure it out. Below is my solution which I am using.
when HTTP_REQUEST {
set URI [HTTP::uri]
set URIHOST [HTTP::host]
set URIHOST [getfield [HTTP::host] : 1]
set CLIENT [IP::client_addr]
set fqdn_name [HTTP::host]
save hostname for use in response
set fqdn_name [HTTP::host]
}
when HTTP_RESPONSE {
set HeadLoc [HTTP::header Location]
log local0. "HeadLoc is $HeadLoc"
switch $URIHOST {
www.somewhere.org {
switch -glob $URI {
"/appname1/*" -
"/appname2/*" {
if { [HTTP::is_redirect] }{
if { [HTTP::header Location] starts_with "/" }{
HTTP::header replace Location "https://$fqdn_name[HTTP::header Location]"
} else {
HTTP::header replace Location "[string map { "http://" "https://" } [ HTTP::header Location]]"
}
}
}
}
}
}
}
I chose to do it this way because I wanted to control which apps were being rewritten.
This weekend I'll probably setup a HTTP profile for my port 80 VS. Once that is done I'll re-enable the "redirect rewrite" option on my custom HTTP profile attached to my port 443 VS. Then I'll test all my apps again.
Thanks again,
--Brian