This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

[UTM 9.308-16] SSL-Offloading: Redirect

Hello

I have installed the SSL-Offloading for the very first site. It is really a cool solution.

Everything works fine, except that the type "Encrypted (HTTPS & Redirect)" does not redirect ;-(

The site ist actually a subdomain:
I expected, that http://sub.mycoolsite.ch or www.sub.mycoolsite.ch will be automatically redirected to https://sub.mycoolsite.ch. Unfortunately, this does not work. I can access the site directly with https://www.sub.mycoolsite.ch and https://sub.mycoolsite.ch.

Did i understood something wrong?

I'm quite new with WAF. Therefore i didn't choose a firewall profile for now.
I ticked the options Rewrite HTML, Rewrite Cookies and Pass Host Header to on.

Many thanks!

Cheers

Martin

This thread was automatically locked due to age.

0 Scott_Klassen over 9 years ago

Are you using wildcard domains? If so, there appears to be a couple of open bugs when used with HTTP-->HTTPS redirection.

__________________
ACE v8/SCA v9.3

...still have a v5 install disk in a box somewhere.

http://xkcd.com
http://www.tedgoff.com/mb
http://www.projectcartoon.com/cartoon/1
Cancel
Vote Up 0 Vote Down

Cancel
0 martin.schaible over 9 years ago

I do not use wildcard certificates.
Cancel
Vote Up 0 Vote Down

Cancel
0 vilic over 9 years ago

Check also:
How to create a Virtual Webserver

Using HTTP to HTTPS redirection in combination with wildcard domains could lead to unwanted behavior of the redirection. If you have two virtual web servers configured (one with Wildcard on HTTPS and HTTP to HTTPS redirect; one with FQDN on HTTPS) and you call the URL with http with the FQDN it first redirects to the first virtual with the wildcard. The next requests will then be redirect to the webserver with the FQDN on HTTPS.
Cancel
Vote Up 0 Vote Down

Cancel
0 Scott_Klassen over 9 years ago

Wildcard DOMAINS. Like *.domain.com [:)]

__________________
ACE v8/SCA v9.3

...still have a v5 install disk in a box somewhere.

http://xkcd.com
http://www.tedgoff.com/mb
http://www.projectcartoon.com/cartoon/1
Cancel
Vote Up 0 Vote Down

Cancel
0 martin.schaible over 9 years ago

Nope, no wildcard in any ways ;-)

I also followed the docs to setup the virtual webserver(s). It isn't really difficult anyway.
Cancel
Vote Up 0 Vote Down

Cancel
0 Scott_Klassen over 9 years ago

About the only thing I could suggest then is to update to 9.310 and if the problem still persists, open up a case with support (assuming you have a paid license). Really sounds like a code issue and only support can assist with those.

__________________
ACE v8/SCA v9.3

...still have a v5 install disk in a box somewhere.

http://xkcd.com
http://www.tedgoff.com/mb
http://www.projectcartoon.com/cartoon/1
Cancel
Vote Up 0 Vote Down

Cancel
0 martin.schaible over 9 years ago

I updated to 9.310, which didn't help. I will ask support.
Cancel
Vote Up 0 Vote Down

Cancel