Forum Discussion
hooleylist
Dec 04, 2009Cirrostratus
You could add the XForwardedProto logic to the single VIP iRule by setting the proto variable to https in this section:
Request was to an HTTPS port, so do nothing for the clientside connection.
And setting it to http for in this section:
Request was to an HTTP port, not an HTTPS port, so disable client SSL profile if one is enabled on the VIP
I'd guess that Safari is getting a redirect to http://newsite.apa.org:443 and not actually generating that request itself. You could check this by logging the Location header in redirects or by using a browser plugin to log HTTP request/response headers and payloads. If it is coming from the app, you could add a check in the HTTP_RESPONSE event to look for [HTTP::is_redirect]==1 and then rewrite the Location header value using HTTP::header replace Location $new_location.
Aaron