Forum Discussion

Pratheeban_1205's avatar
Pratheeban_1205
Icon for Nimbostratus rankNimbostratus
Nov 27, 2013

how to redirect http://api.example.com:443 to https://api.example.com:443/services/ or https://api.example.com/services/

we are making soap call using wordpress to https://api.example.com/services/ (this is configured in F5 LTM) it is getting change to http://api.example.com:443/services and failed to complete the call. Can we redirect this to https://api.example.com:443/services/

 

curl -v http://api.example.com:443 * About to connect() to 1.1.1.1 port 443 * Trying 1.1.1.1... connected * Connected to 1.1.1.1 (1.1.1.1) port 443

 

GET / HTTP/1.1 User-Agent: curl/7.15.5 (x86_64-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5 Host: 1.1.1.1:443 Accept: /

 

  • Empty reply from server
  • Connection 0 to host 1.1.1.1 left intact curl: (52) Empty reply from server
  • Closing connection 0

3 Replies

  • Do you want to redirect traffic on port 443 from http to https or you want to redirect http (port 80) to https (port 443) ?

     

    And my second question is where does the redirection take place ? Client or server side ?

     

  • Thanks for your reply Thomas.

     

    I want to redirect the traffic on port 443 from http to https. Client side redirection will be fine.

     

    Let me explain it more detail.

     

    1. SiteA (www.site.com) ---> App Server A (https://api.example.com/service/*)

       

    2. Site A gets the schema location from App Server A and try to connect to Schmea location : http://api.example.com:443/services (note it's http not https and the port number is 443)

       

    3. F5 LTM ends this call with empty reply.

       

    I hope if we redirected this http://api.example.com:443/services/* to https://api.example.com:443/services it'll be fine.

     

  • You can't do that even in an iRule because CLIENTSSL_HANDSHAKE event is before HTTP_REQUEST in iRule events order.

     

    As you are using the same port for http and https traffic, you can't make a difference into CLIENT_ACCEPTED context.

     

    Why do you want to use the same port for http and https traffic ?