vADC Forum

Reply
N/A
Posts: 1
Registered: ‎02-16-2013
Accepted Solution

Stingray Traffic Manager Reverse Proxy Problem

In our DMZ network have one Stingray Traffic Manager, We have one Web server in our internal network with http services, The user want from internet also can access this Web site, but for security policy from internet we need use https services, so we use STM do SSL decryption, when finished this seting, from internet we can use https to access this web site, but login the web site found some page can not open, check the page url found still http url, not change to https url.If not enable SSL decryption is working fine.

The web server is SAP NetWeaver Platform, Tests found that can't open and display page is developed by our application team.

Do you have any suggestion for this problem? thanks!

Below is the STM config picture:

11.png

Occasional Contributor
Posts: 13
Registered: ‎07-30-2013

Re: Stingray Traffic Manager Reverse Proxy Problem

Hi yang:

If you make ssl decryption you have a certificate added in your STM, so, check the scope of this certificate, maybe you have use a wildcard for all of your organization, for example: *.yourdomain.com. Another tip to take in mind is that the users forget to call the webpage in a secure way (https), to prevent this, create a rule that redirect http to https, this article may be usefull for you : https://splash.riverbed.com/message/15200#15200

BR

Felix

Contributor
Posts: 29
Registered: ‎10-19-2013

Re: Stingray Traffic Manager Reverse Proxy Problem

Hi there,

did i understand the problem correctly? The login does not work, because some of the URLs created are still http, not https?

If yes, you have a bad application (a application should not include the protocol in generated URLs, it is better to have only relative paths generated by the application)

But still, You can have STM rewrite all http-content and replace http with https. trafficscript function http.getResponseBody(); should do the job


$response = http.getResponseBody();


if( string.contains( $response,"http://" ) ){


$response = string.regexsub( $response, "http://", "https://", "g" ); }




http.setResponseBody( $reponse );


But this only works for plain html, e.g. if your application uses java-applets with urls inside, this will not work.

Best Regards,

Jochen

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.