Re: SSL Issue - Urgent
From: smith (smith_at_discussions.microsoft.com)
Date: Thu, 14 Jul 2005 07:45:13 -0700
I did see something similar here :
That is what led me to believe there might be a solution, and i wanted to
know if it could be done on the iis level?
"David Wang [Msft]" wrote:
> The device which translates HTTPS->HTTP should also translate responses from
> HTTP->HTTPS, including URLs. It is the only thing that knows the translation
> happened for a given request, therefore it is responsible for transmitting
> this information downstream.
> As you've stated, there is no way that IIS/JRun knows that the original
> request is HTTPS at all -- the device that translates HTTPS->HTTP needs to
> give a hint -- perhaps add an extra HTTP request header that client
> applications can use to detect this.
> This posting is provided "AS IS" with no warranties, and confers no rights.
> "smith" <email@example.com> wrote in message
> We have an f5 ssl offloader that is used in front of IIS 6.0. A https
> request comes to the SSL offloader and is forwarded over http to a webserver
> with the JRun plugin.The problem occurs if the original request is
> by a
> IIS/JRun application. The redirected request becomes an http
> request because IIS/JRun is not aware that the original https
> request was intercepted by a SSL offloader and forwared to
> IIS over http.
> We dont want to install certificates on IIS, is there a way that WebEngine
> can check whether ssl is required so that when it is ssl over http, https
> scheme will be chosen.
> Thanks in advance.