Hi,
i've seen a very odd behaviour:
We have an Alteon2424-ssl CLuster in place and are using the SSL Configuration for an Application-Cluster to address.
If i start a Session to the application its transported by HTTPS to my client (somwhere else on the internet).
but then it starts responding over http instead of https!
And i don't know why!
Heres part of the configuration:
/cfg/ssl/server 5/.
vip x.x.x.x
port "443 (https)"
rport "80 (http)"
type http
proxy off
ena enabled
/cfg/ssl/server 5/trace/.
/cfg/ssl/server 5/ssl/.
cert 5
cachesize 4000
cachettl 5m
cachain 3
protocol ssl3
verify none
ciphers ALL@STRENGTH
ena enabled
/cfg/ssl/server 5/tcp/.
cwrite 15m
ckeep 15m
swrite 15m
sconnect 30s
csendbuf auto
crecbuf auto
ssendbuf auto
srecbuf 6000
/cfg/ssl/server 5/http/.
redirect on
downstatus unavailable
certcard off
securecookie on
cookieonce off
sslheader on
sslxheader off
sslsidheader off
addxfor off
addvia on
addxisd off
addfront off
addbeassl off
addbeacli off
addclicert off
addnostore off
cmsie shut
rhost off
compress off
maxrcount 40
maxline 8192
/cfg/ssl/server 5/http/dynheader/.
/cfg/ssl/server 5/http/rewrite/.
rewrite off
ciphers HIGH:MEDIUM
response iSD
URI "/cgi-bin/weakcipher"
/cfg/ssl/server 5/http/auth/.
mode basic
realm Xnet
proxy off
ena disabled
/cfg/ssl/server 5/dns/.
/cfg/ssl/server 5/adv/.
/cfg/ssl/server 5/adv/pool/.
timeout 15s
ena disabled
/cfg/ssl/server 5/adv/traflog/.
sysloghost x.x.x.x
udpport 514
priority info
facility local4
ena disabled
/cfg/ssl/server 5/adv/standalone/.
ena disabled
/cfg/ssl/server 5/adv/standalone/iplist/.
/cfg/ssl/server 5/adv/loadbalancing/.
type all
persistence none
metric hash
health auto
interval 10s
ena enabled
/cfg/ssl/server 5/adv/loadbalancing/script/.
/cfg/ssl/server 5/adv/loadbalancing/remotessl/.
protocol ssl3
ciphers ALL
/cfg/ssl/server 5/adv/loadbalancing/remotessl/verify/.
verify none
/cfg/ssl/server 5/adv/loadbalancing/backend 1/.
ip x.x.x.x
port 80
sslconnect off
remote false
remotessl false
lbop any
ena enabled
/cfg/ssl/server 5/adv/loadbalancing/backend 2/.
ip x.x.x.x
port 80
sslconnect off
remote false
remotessl false
lbop any
ena enabled
/cfg/ssl/server 5/adv/sslconnect/.
protocol ssl3
ciphers EXP-RC4-MD5:ALL!DH
ena disabled
/cfg/ssl/server 5/adv/sslconnect/verify/.
verify none
i hope someone will be able to sort this out!
Thanks very much in advance!
MPflueger
i've seen a very odd behaviour:
We have an Alteon2424-ssl CLuster in place and are using the SSL Configuration for an Application-Cluster to address.
If i start a Session to the application its transported by HTTPS to my client (somwhere else on the internet).
but then it starts responding over http instead of https!
And i don't know why!
Heres part of the configuration:
/cfg/ssl/server 5/.
vip x.x.x.x
port "443 (https)"
rport "80 (http)"
type http
proxy off
ena enabled
/cfg/ssl/server 5/trace/.
/cfg/ssl/server 5/ssl/.
cert 5
cachesize 4000
cachettl 5m
cachain 3
protocol ssl3
verify none
ciphers ALL@STRENGTH
ena enabled
/cfg/ssl/server 5/tcp/.
cwrite 15m
ckeep 15m
swrite 15m
sconnect 30s
csendbuf auto
crecbuf auto
ssendbuf auto
srecbuf 6000
/cfg/ssl/server 5/http/.
redirect on
downstatus unavailable
certcard off
securecookie on
cookieonce off
sslheader on
sslxheader off
sslsidheader off
addxfor off
addvia on
addxisd off
addfront off
addbeassl off
addbeacli off
addclicert off
addnostore off
cmsie shut
rhost off
compress off
maxrcount 40
maxline 8192
/cfg/ssl/server 5/http/dynheader/.
/cfg/ssl/server 5/http/rewrite/.
rewrite off
ciphers HIGH:MEDIUM
response iSD
URI "/cgi-bin/weakcipher"
/cfg/ssl/server 5/http/auth/.
mode basic
realm Xnet
proxy off
ena disabled
/cfg/ssl/server 5/dns/.
/cfg/ssl/server 5/adv/.
/cfg/ssl/server 5/adv/pool/.
timeout 15s
ena disabled
/cfg/ssl/server 5/adv/traflog/.
sysloghost x.x.x.x
udpport 514
priority info
facility local4
ena disabled
/cfg/ssl/server 5/adv/standalone/.
ena disabled
/cfg/ssl/server 5/adv/standalone/iplist/.
/cfg/ssl/server 5/adv/loadbalancing/.
type all
persistence none
metric hash
health auto
interval 10s
ena enabled
/cfg/ssl/server 5/adv/loadbalancing/script/.
/cfg/ssl/server 5/adv/loadbalancing/remotessl/.
protocol ssl3
ciphers ALL
/cfg/ssl/server 5/adv/loadbalancing/remotessl/verify/.
verify none
/cfg/ssl/server 5/adv/loadbalancing/backend 1/.
ip x.x.x.x
port 80
sslconnect off
remote false
remotessl false
lbop any
ena enabled
/cfg/ssl/server 5/adv/loadbalancing/backend 2/.
ip x.x.x.x
port 80
sslconnect off
remote false
remotessl false
lbop any
ena enabled
/cfg/ssl/server 5/adv/sslconnect/.
protocol ssl3
ciphers EXP-RC4-MD5:ALL!DH
ena disabled
/cfg/ssl/server 5/adv/sslconnect/verify/.
verify none
i hope someone will be able to sort this out!
Thanks very much in advance!
MPflueger
