Forum Discussion

MegaN00B_270205's avatar
MegaN00B_270205
Icon for Nimbostratus rankNimbostratus
Nov 29, 2016

HTTP to HTTPS redirect not working with too many redirects

Hi All,

 

I've made a VS; listening on port 443; with cert. Hooked that up to a member server, connecting with HTTP (no cert) listening on port 9xxx. Now what i am seeing is that the member server is giving back responses THROUGH THE VS with the url starting with HTTP. I dont want that; i need all client traffic HTTPS. Ive made a http to https redirect profile, but when i use the VS, i get a 'too many redirects' error & nothing shows.

 

What is happening?

 

So basically: VS port 443 -> Member server port 9xxx.

 

Traffic to vs starts good; with certificate & all. But when i browse to the VS (https://vsname.domain.com) i get in my browser the url back http://vsname.domain.com

 

I read that its a way to go to use another VS on port 80; but it would be nicer (& supported in 12.x i believe) to do just change the URL from http to https.

 

application delivery
BIG-IP
iRules

2 Replies

Sort By
  • Kai_M__48813's avatar
    Kai_M__48813
    Icon for Cirrus rankCirrus
    Nov 29, 2016

    have you tried rewriting it with an iRule? we have had similar situations, and have managed to solve it by adding a stream profile to the virtual server, and an iRule that rewrites all server responses back to https.

     

    the iRule should look something like this:

     

    when HTTP_REQUEST { HTTP::header remove "Accept-Encoding" } when HTTP_RESPONSE { STREAM::disable if { [HTTP::header "Content-Type"] contains "text" || [HTTP::header "Content-Type"] contains "javascript" } { STREAM::expression "@; STREAM::enable

     

    } }

     

    • MegaN00B_270205's avatar
      MegaN00B_270205
      Icon for Nimbostratus rankNimbostratus
      Nov 29, 2016

      Thanks for the reply; i've made a (in my view) workaround by making the VS again on port 80; with the redirect https profile; & that works. It just seems to me that it should be possible within 1 VS; & not having to spin up 2 VS's.

       

      Thanks for the help anyway; if anyone has a direction to do this within 1 VS; i'd be glad to hear it.