https://support.f5.com/csp/article/K14996
Using the Configuration utility to configure a local traffic policy to redirect HTTP requests to HTTPS for a virtual server
Impact of procedure: Performing the following procedure should not have a negative impact on your system.
- Log in to the Configuration utility.
- Navigate to Local Traffic > Policies > Policy List.
- Click Create.The Configuration utility displays a New Policy page.
- Type the desired policy name in the Name setting.For example:myHTTPtoHTTPSpolicy
- Select the appropriate Strategy setting for your application environment. If you are performing this procedure to only redirect HTTP requests to HTTPS, you can leave the Strategy setting as first-match, which is the default setting.
- For the Requires setting, from the Available list, select http, and move it to the Selected list.
- For the Controls setting, from the Available list, select forwarding and move it to the Selected list.
- In the Rules section, click Add.
- In the Rule Name setting, enter the desired rule name.For example:myHTTPtoHTTPSrule
- Under the Rule Properties section, in the Actions setting, select the stated values for the following operands:
- Target: http-reply
- Event: request
- Action: redirect
- Parameters: location*
- Under the Parameters operand, type the following text in the box:https://[getfield [HTTP::host] ":" 1][HTTP::uri]Note: The [getfield [HTTP::host] ":" 1] function extracts the host name from the host header and, if a non-standard port is specified, removes the port from the host header.
- To the right of the input/Value field, click Add.The configured parameter appears in the Parameters operand list box.
- Click Add.The configured settings for the action appear in the Actions setting list.
- To save the new rule and policy, click Finished.
- Navigate to Local Traffic > Virtual Servers > Virtual Server List.
- Under the Resources column for the HTTP virtual server that you want to redirect HTTP requests, click the Edit link.
- Under the Policies section, click Manage.
- From the Available list, select the local traffic policy you created in previous steps and move it to the Enabled list.
- To save the changes, click Finished.
Using the tmsh utility to configure a local traffic policy to redirect HTTP requests to HTTPS for a virtual server
Impact of procedure: Performing the following procedure should not have a negative impact on your system.
- Log in to the Traffic Management Shell (tmsh) by typing the following command:tmsh
- Create a local traffic policy to redirect HTTP requests to HTTPS by using the following command syntax:create /ltm policy <policy name> controls add { forwarding } requires add { http } strategy first-match rules add { <rule name> { actions add { 0 { http-reply redirect location "https://[getfield [HTTP::host] \":\" 1][HTTP::uri]" } } } }For example, to create a local traffic policy with the myHTTPtoHTTPSpolicy policy name and myHTTPtoHTTPSrule rule name, you would type the following command:create /ltm policy myHTTPtoHTTPSpolicy controls add { forwarding } requires add { http } strategy first-match rules add { myHTTPtoHTTPSrule { actions add { 0 { http-reply redirect location "https://[getfield [HTTP::host] \":\" 1][HTTP::uri]" } } } }
- Associate the local traffic policy with the HTTP virtual server that you want to redirect HTTP requests, by using the following command syntax:modify /ltm virtual <virtual server name> policies add { <policy name> }For example, to associate the myHTTPtoHTTPSpolicy local traffic policy you created in step 2 with the myHTTPvs HTTP virtual server, you would type the following command:modify /ltm virtual myHTTPvs policies add { myHTTPtoHTTPSpolicy }
- Save the change by typing the following command:save /sys config
Tidak ada komentar:
Posting Komentar