A typical issue when SSL termination is performed on the load balancer is that URL redirects from the backend servers still contain a ‘http://’ prefix rather then ‘https://’
Within this article we will show the required commands for creating a Content Switching Policy that will rewrite any URL`s containing a ‘http://’ prefix to ‘https://’ for traffic originating from the backend servers. This is also known as a reverse rewrite.
CSW Rule
csw-rule “bodyhttp” response-body pattern “http://”
csw rule “redirection” response-header “Location” pattern “http://”
csw-rule “responsestatus” reponse-status-code 301 302
csw-rule “urlexists” url exists
CSW Policy
csw-policy “rewritehttp” type reponse-rewrite
match “urlexists” response-body-rewrite
match “responsestatus” reponse-header-rewrite
match “rediretlocation” rewrite response-header-replace “https://” offset 0 length 7
match “bodyhttp” rewrite reponse-body-replace “https://” offset 0 length 7
Assign to Virtual Server
server virtual XXX
port ssl response-rewrite-policy “rewritehttp”
- How to Configure a BIND Server on Ubuntu - March 15, 2018
- What is a BGP Confederation? - March 6, 2018
- Cisco – What is BGP ORF (Outbound Route Filtering)? - March 5, 2018
Want to become a networking expert?
Here is our hand-picked selection of the best courses you can find online:
Cisco CCNA 200-301 Certification Gold Bootcamp
Complete Cyber Security Course – Network Security
Internet Security Deep Dive course
Python Pro Bootcamp
and our recommended certification practice exams:
AlphaPrep Practice Tests - Free Trial