ACE - HTTPS redirection

Similar Messages

• ACE http redirect on probe fail & others

  Hi everyone,
  I have multiple http based application running on 2 servers and they all be referenced behind the publised VIP from the load balancer.
  The probes are already there, applications are accessed but one criteria from the business is not to fail the whole server for one application. There is some independance between the apps that if one fails, the other would need to still load balanced.
  I would like, if the application fails on both server, to maybe be able to redirect to another URL any request for a particular App/URL.
  Any suggestions ?

  Hi,
  To not declare a real server down if one of its applications fail, you should configure your probes in your serverfarm, and (if not already done) create a serverfarm per application.
  If you want to be able to redirect a request send to a failed serverfarm, you can configure a backup serverfarm in you L7 policy map like this:
  serverfarm name1 backup name2
  The second serverfarm should then be of the type:
  serverfarm redirect name2
  webhost-redirection relocation_string [301 | 302]
  where the relocation_string is the URL that should be used, 301 is permanently moved and 302 is temporarily.
  For the relocation_string, you can use following special characters:
  %h Inserts the hostname from the request Host header
  %p Inserts the URL path string from the request
  Mor info can be found in this doc:
  http://www.cisco.com/en/US/docs/interfaces_modules/services_modules/ace/v3.00_A2/configuration/slb/guide/slbgd.html
  Hope this helps.
  Kr,
  Dario

• ACE http/https redirect or rewrite

  Greetings,
  We have a setup that requires ACE http/https redirection or rewrite.
  A client connects to a secured Web portal which has its ssl termination on the ACE.
  The web portal will request from the client a redirection to another application. As the portal is unaware that the incoming client https request was terminated on the ACE,
  the client receives the redirect request for an unsecured http URL rather than for the secured https URL.
  In this case what would be best to use? ACE "rewrite" or "redirect"?
  Will the following example config for ACE "redirect" be sufficent to implement this?
  ssl-proxy service ssl-App-443-81
  key app1.test.com.key
  cert app1.test.com.cert
  rserver redirect App-secure-redirect
  webhost-redirection https://app1.test.com/Go/
  inservice
  serverfarm redirect App-secure-redirect-sf
  rserver App-secure-redirect
  inservice
  serverfarm host App-81-sf
  probe TCP81
  rserver proxy1 81
  inservice
  rserver proxy2 81
  inservice
  parameter-map type http http_param_map
  header modify per-request
  sticky http-cookie App-cookie App-sticky
  cookie insert
  replicate sticky
  serverfarm App-81-sf
  class-map match-any App-443-81-cm
  2 match virtual-address 10.10.10.112 tcp eq https
  class-map match-any App-81-cm
  2 match virtual-address 10.10.10.112 tcp eq 81
  class-map type http loadbalance App-secure-redirect-cm
  match http url http://app1.test.com:81/Go/
  policy-map type loadbalance http first-match App-rewrite-pm
  class App-secure-redirect-cm
  serverfarm App-secure-redirect-sf
  policy-map type loadbalance http first-match App-sticky-443-81-pm
  class class-default
  sticky-serverfarm App-sticky
  policy-map multi-match policy-inbound
  class App-81-cm
  loadbalance vip inservice
  loadbalance policy App-rewrite-pm
  loadbalance vip icmp-reply active
  loadbalance vip advertise active
  class App-443-81-cm
  loadbalance vip inservice
  loadbalance policy App-sticky-443-81-pm
  loadbalance vip icmp-reply active
  loadbalance vip advertise active
  appl-parameter http advanced-options http_param_map
  ssl-proxy server ssl-App-443-81

  If you are offloading www.yoursite.com on ACE and on the backend
  real servers are not ssl aware (sends URL with http://) then with
  following sample config you can instruct ACE to rewrite such urls (http->https)
  class-map match-all VIP-443
  match virtual-address x.x.x.x tcp eq https
  action-list type modify http HTTP2HTTPS-REWRITE
  ssl url rewrite location www\.yoursite\.* sslport 443 clearport 80
  policy-map type loadbalance first-match YOUR-POLICY
  class class-default
  serverfarm YOUR-SFARM
  action HTTP2HTTPS-REWRITE
  class VIP-443
  loadbalance vip inservice
  loadbalance policy YOUR-POLICY
  loadbalance vip icmp-reply active
  ssl-proxy server YOUR-SSL-SERVICE
  You need Ace2.x+ on Ace module & 3.x+ on 4710 appliance for this feature.
  Syed Iftekhar Ahmed

• ACE: URL redirect - not working

  Hi,
  I've to do url redirection from port 80 to port 443. I've following configured:
  rserver redirect url.test.com-rd
    webhost-redirection https://url.test.com/
    inservice
  serverfarm redirect url.test.com:80
    description url.test.com - port 80 redirect ***
    rserver url.test.com-rd
      inservice
  class-map match-any url.test.com:80
    2 match virtual-address 192.168.1. tcp eq www
  policy-map type loadbalance first-match url.test.com:80
    class class-default
      serverfarm url.test.com:80
    policy-map multi-match LOAD_BALANCE
     class url.test.com:80
      loadbalance vip inservice
      loadbalance policy url.test.com:80
      loadbalance vip icmp-reply active
  ===
  with above configuration, ACE is redirection port 80 to port 443 but it also rewrites the header.  i.e. ACE send me to
  "https://url.test.com/" if I type "http://url.test.com/abc" in the browser. It should have redirected to  "https://url.test.com/abc" ( it shouldn't have removed "/abc")
  could you advice how to accomplish it.
  Thanks in advance...

  Hi,
  thanks pablo. but that isn't expected response. redirected url shows the load balanced server. i.e. for the following serverfarm of port 443:
  serverfarm host url.test.com:443
    description url.test.com - Port 7777 ***
    failaction purge
    probe url.test.com:7777
    rserver server1.test.com 7777
      inservice
  redirected url comes as "http://server1.test.com:7777/abc/" ...instead of what I expect .i.e. i expect "
  https://url.test.com/abc/"

• ACE WEBHOST-REDIRECT logic

  Hi guys.
  Recenty I see the following config.
  rserver redirect REDIRECT-TO-HTTPS
   webhost-redirection https://%h%p 301
   inservice
  serverfarm redirect REDIRECT-SERVERFARM
   rserver REDIRECT-TO-HTTPS
   inservice
  I suspect this is a generic config to rewrite a redirection sent from rsever to client when it sends a http redirection and the client need to do a https conection.
  My question is: this configuration will rewrite all redirect? What happens if the redirect sent from real server need to reach the client as http (not translated)
  Thanks in advance.

  Hi David,
  The above configuration is for ACE to redirect and not "Rserver". So if a user comes on http://xyz.com and you want ACE to redirect it to https"//xyz.com, you use above configuration. Now there will be a class-map condition as well as policy maps and hence ACE will redirect only those requests which will match the condition. Also, redirect and rewrite are two different functions. If you want the ACE to intercept server response and rewrite it, then you should have a look at "URL Rewrite as well as SSL rewrite" features. Again you will have proper configurations place for ACE to decide what to rewrite and what not.
  Let me know if you have any questions.
  Regards,
  Kanwal

• SharePoint public facing site does not open in sharepoint designer after giving http redirect in IIS

  I have a public facing sharepoint site
  We gave http redirect in IIS due to which I am unable to open the site in SharePoint Designer and gives error message site not found in webserver.
  If i revert back the settings (remove the http redirect link) i m able to open the site in designer.Please let me know how can I resolve the issue in opening site in SharePoint designer after http redirect setting done in IIS

  Looks like an AAM issue. What URL of the site you are trying to open with designer and what are your AAM settings?
  Ronald Bruinsma - Independent SharePoint Consultant - iDocs.info - The Netherlands
  Ronald I got the same issue here is my info:
  sharepoint site: http://<servername>/sites/mycompany
  <ServerIP>
  Default
  http://servername
  <Servername>
  Default
  http://servername
  http://contoso.mycompany.com
  Extranet
  http://contoso.mycompany.com
  In IIS webapp 80. http redirect:
  redirect requests to this destination is checked: http://contoso.mycompany.com/sites/mycompany
  can you help me? thanks

• I have an iPhone 4S I have done the recent update 6.1 and now my App Store is not working when I go into the feature tab I get an error " too many HTTP redirects" how do I fix this ? The other tabs are working and it is working on my iPad also

  I am having a problem getting into the App Store on my iPhone since the recent update, I have a 4s and it appears the feature tab is not working. When I try to go into the feature tab in the App Store I get a message "too many HTTP redirects" ?... Does anyone now hoe to fix this issue, the other tabs are working okay and everything is working on my iPad ?

  Look at iOS Troubleshooting Wi-Fi networks and connections  http://support.apple.com/kb/TS1398
  iPad: Issues connecting to Wi-Fi networks  http://support.apple.com/kb/ts3304
  iOS: Recommended settings for Wi-Fi routers and access points  http://support.apple.com/kb/HT4199
  Additional things to try.
  Try this first. Turn Off your iPad. Then turn Off (disconnect power cord for 30 seconds or longer) the wireless router & then back On. Now boot your iPad. Hopefully it will see the WiFi.
  Go to Settings>Wi-Fi and turn Off. Then while at Settings>Wi-Fi, turn back On and chose a Network.
  Change the channel on your wireless router (Auto is best). Instructions at http://macintoshhowto.com/advanced/how-to-get-a-good-range-on-your-wireless-netw ork.html
  Another thing to try - Go into your router security settings and change from WEP to WPA with AES.
  How to Quickly Fix iPad 3 Wi-Fi Reception Problems
  http://osxdaily.com/2012/03/21/fix-new-ipad-3-wi-fi-reception-problems/
  If none of the above suggestions work, look at this link.
  iPad Wi-Fi Problems: Comprehensive List of Fixes
  http://appletoolbox.com/2010/04/ipad-wi-fi-problems-comprehensive-list-of-fixes/
  Fix iPad Wifi Connection and Signal Issues  http://www.youtube.com/watch?v=uwWtIG5jUxE
  Fix Slow WiFi Issue https://discussions.apple.com/thread/2398063?start=60&tstart=0
  Unable to Connect After iOS Update - saw this solution on another post.
  https://discussions.apple.com/thread/4010130
  Note - When troubleshooting wifi connection problems, don't hold your iPad by hand. There have been a few reports that holding the iPad by hand, seems to attenuate the wifi signal.
  ~~~~~~~~~~~~~~~
  If any of the above solutions work, please post back what solved your problem. It will help others with the same problem.
   Cheers, Tom

• HT1933 How are you supposed to do this when it DOESN'T EVEN WORK!!!! you press report problem and it comes up saying " too many http redirects". Total useless !

  How are you supposed to REPORT THE PROBLEM when it DOESN'T EVEN WORK!!
  I clicked it as I got a receipt for something that HAS NOT EVEN BEEN BOUGHT ! (It's funny how apple try to charge me twice for something when I work nightshift and my phones switched off!)
  and all that happened was it came up saying "too many HTTP redirects" .
  And it won't let me report it ! X

  Go here:
  http://www.apple.com/support/itunes/contact/
  and follow the instructions to report your issue to the iTunes Store.
  Regards.

• TS1702 I purchased 2 packages of gems for skylanders and only received 1 package. Got email receipts and tried to report problem on ipad2 and it keeps coming up with to many https redirects. Can anyone help? Just want my gems :).

  I purchased 2 packages of gems for skylanders and only received 1 package. Got email receipts and tried to report problem with link in email on my ipad2 and it keeps coming up with to many https redirects. Can anyone help? Just want my gems :).

  Contact iTunes Customer Service and request assistance
  Use this Link  >  Apple  Support  iTunes Store  Contact

• How do I get rid of (to many HTTP redirects) from my App Store

  Every time I go to categories or top 25 I cannot get in it keeps saying to many HTTP redirect how can I fix this
  It did not start until I had my phone reset. And I try resetting my phone again and it won't even reset now

  Clearing the History and Cookies on Safari then closing safari from the background has helped me with this issue
  Go to Settings then click on Safari. Once there, clear the cookies and data. Then go into safari app then clear the history. Once you do that, close safari from the background by double clicking the home button, hold the app then hit the red - to close.

• Every time I click on the Categories tab or Top 25 tab in the app store, it says 'too many http redirects'

  Every time I open the app store on my iPod touch, it says 'too many http redirects' whenever I click on the Categories and Top 25 tabs. I tried force quitting the app store, that didn't work. I tried closing all windows in Safari and force quitting safari, also didn't work. I reset the network settings, that didn't work either. When I reset all settings, it appeared to work. The tabs were different (it had a Genius tab), but it worked. However, immediately after force quitting the app store (I force quit a lot to keep as much RAM clear as possible), the same thing happened again. Does anyone know a permanent, Apple-supported solution to this problem? And please do not say restoring it. I don't want to start from scratch just to potentially experience the same problem.

  See:
  to many HTTP redirects: Apple Support Communities
  However, it seems to be an Apple/network problem beyond your control

• I need to know how to force a https redirect in Adobe Muse if this can't be done please tell me so I don't waste any more time... please

  I need to know how to force a https redirect in Adobe Muse if this can't be done please tell me so I don't waste any more time... please

  Protocol usage and redirects are a server-side thing. This has nothing to do with designing the web page and thus nothing with Muse, either.
  Mylenium

• Setting HTTPS redirect in NetWeaver CE 7.1 EhP1

  I would like to redirect all HTTP requests such that users will always use HTTPS access. I found an OSS note 973644 that explains the steps for non CE environments. Does anyone know how to setup HTTPS redirect on NetWeaver CE 7.1 Ehp1?
  Regards,
  Asif

  Hi Lee,
  I think I know how to solve this. I have just solved a similar problem with my PI 7.1 EHP1. Deployment in JSPM of various software components all failed like this example:
  JSPM log:
  Deploy status is 'Aborted'
  Client path '
  pi71\sapmnt\trans\EPS\in\SAPXIAF04_7-20002649.SCA'
  Description:'1. ERROR CODE DPL.DS.5089  Exception during generating components of sap.com/com.sap.aii.af.app  application in webservices_container container.
     -> com.sap.engine.services.webservices.espbase.configuration.BindingData.getConfigurationType()I'.
  Default Trace:
  Caused by: java.lang.NoSuchMethodError: com.sap.engine.services.webservices.espbase.configuration.BindingData.getConfigurationType()I
  at com.sap.engine.services.webservices.server.deploy.WSBaseAbstractDProcess.getBindingDataId
  After that most of the browser based admin apps, such as NetWeaver Administrator ( /nwa ), would refuse to start.
  But finally after several tests, searching on SDN+SMP and restore to backup version I found the solution in [SAP Note 1328776|http://service.sap.com/sap/support/notes/1328776] which describes a similar problem: Update to the newest version of ENGINEAPI 7.11. Today this is ENGINEAPI04P_4-20002603.SCA.
  You may also want to make sure that you are running the newest version of the Configuration Wizard, so you should check/update LMTOOLS, LMCTC and LMCFG*, currently LMTOOLS04P_3-20002705.SCA, LMCTC04P_1-20002694.SCA and LMCFG04P_4-20002729.SCA.
  I hope this proves to be useful.
  regards
  Mauri

• Http redirects not changing url in address bar

  I'm going crazy trying to fix a major bug in our application. Http
  redirects are not changing the url in the address bar of the latest versions of internet explorer. But this only happens if the redirected page is an xml page with an xslt reference for the browser to do the transformation. Mozilla seems to work fine, but I seem to have encountered a major bug in Internet Explorer. If anybody can help or at least point me in a direction I'd be SO grateful. This doesn't seem to be a java servlet specific issue, but that's what we're using so I thought I'd ask the question here too.
  We have an MVC type framework we developed. For example, if you were to add something to a shopping cart, the url might be:
  http://ecommerce.com/cart/add?sku=54321. In the add servlet, we would add the sku to your shopping cart and then redirect to, let's say,
  http://ecommerce.com/displaycart. I think this is how most MVC frameworks work. And it works great for us.
  The problem began when we started sending XML to the browser with an XSLT stylesheet. So now the browser does the transformations (if the browser is capable of doing them, which we check) instead of the server. This is a major part of our project. One of the reasons we started this.
  The problem is that Internet Explorer no longer updates the url in the
  address bar after a redirect. Mozilla works great though. We haven't
  tested on other xslt capable browsers yet. In the example above, what would happen is after adding something to your shopping cart, the "displaycart" page would be shown but the http://ecommerce.com/cart/add?sku=54321 url would be shown in the address bar. It wouldn't seem to be too big of a deal since everything works. But now all the relative links are messed up. They start from the "cart" directory. So we need absolute links. But that introduces many other problems. We then need to know the host and the parent directories (not as easy as it seems).
  So is there a solution? Is this a big bug that nobody has realized yet (or maybe they have, but my searches don't see it) in internet explorer? Is there a way for the redirected url to appear in the address bar from a browser-based xslt transformation in internet explorer? By the way, I'm testing with the latest version of IE6.0 as of July 7, 2003.
  When testing, redirects work perfect if I do the xslt transformation on the server side and just send plain html to internet explorer. And it works perfect with either serverside or browserside xslt transformations in mozilla.
  Scott Mueller
  AccelerateBiz Incorporated

  As I've been reading in the specs, microsoft, etc, it seems that it's not what's supposed to happen. But the specs are not very specific about this. However, internet explorer DOES always replace the url in the address bar with the redirected url if HTML is being returned from the redirected servlet. As is the case with all other browsers. So, at least, this behavior is the de-facto standard.
  BUT when the redirected to page is an xml page which references an xslt stylesheet.. then, ONLY in internet explorer, the original url is what's shown in the address bar (and, more importantly, what's used as the base url). Regardless of what the links look like or how they're manipulated in the transformed HTML that ends up being shown, I can't seem to make the url in the address bar the redirected url..

• Http redirection limit in safari

  Hi,
  I'll try to be as clear as possible about my question:
  Situation
  I took 10 Macbook Air's out of their boxes, installed Mountain Lion and installed the latest updates.
  When visiting a (Citrix) portal, i have no issues with Safari after logging in and clicking on the presented ICA file.
  Next, i took 10 Macbook Pro's out of their boxes, repeated the same steps to install and update them. When visiting that same portal, logging in with the same credentials, i get errors in Safari about too many HTTP redirects.
  Research on this topic
  I've researched this error, many people blame the website your visiting. this is wrong in my case, since the first 10 laptops didn't show that error.
  It is advised to reset Safari; i tried. didn't solve my problem. Besides, why would it make a difference since the first 10 laptops didn't get that error ?
  It turned out, after Googling some more about this, that each browser (Safari, Chrome, Firefox, Opera) has a limit set for HTTP redirections (the default amount of max. redirections is 20).
  On lots of websites people fixed this issue bij installing FireFox, which i is my preferred solution; i want my customers to just use Safari. But, for being sure if this would indeed solve the issue i tried this solution: in about:config changing the properties for HTTP redirection settings from 20 to some higher value (i used 999 in my test) fixed the issue. This seems to be the proof getting the "too many HTTP redirections" isn't neccesarily caused by the website. It is caused by the restriction of having a max ammount of http redirections in Safari.
  The Question
  In Safari 6, how do i change the max ammount of HTTP redirections ?
  Is there some sort of hidden preference pane ?

  Then, your only action is to follow its steps:
  If the issue persists, sending feedback to the affected website may help. You can also send feedback to Apple by choosing Safari > Report Bugs to Apple.
  Also, a google search for redirects  site:developer.apple.com
  yields
  http://developer.apple.com/library/mac/#documentation/cocoa/conceptual/urlloadin gsystem/Articles/RequestChanges.html and
  http://developer.apple.com/library/ios/documentation/Foundation/Reference/NSURLC onnectionDataDelegate_protocol/NSURLConnectionDataDelegate_protocol.pdf