Wednesday, 19 November 2014

configuring the BIG-IP system for SSL offload | WebSphere application server

configuring the BIG-IP system for SSL offload

For certain applications, when SSL offload is used, a special variable must be set on the BIG-IP system to tell the WebSphere Application server that SSL has been offloaded. This allows WebSphere to properly form its URLs and redirects, and reduces the need for iRules or Stream profiles on the BIG-IP system.
If the BIG-IP system is offloading SSL from your WebSphere application, we recommend performing the following tasks on the BIG-IP system and the WebSphere application server as applicable.
On the BIG-IP system
The HTTP profile must have the Request Header Insert enabled. To modify an existing profile to enable this header, use the following procedure.
1.      On the Main tab, expand Local Traffic and then click Profiles.
2.      Click the name of the HTTP profile you created for the WebSphere application.
3.      In the Request Header Insert row, click the Custom button if necessary, and then use the following syntax in the box: <value>:

For example: httpsoffload: Be sure to include the colon. This value must match the value you configure on the WebSphere Application Server in the next section.
1.      Click the Update button.




On the WebSphere application server


The WebSphere application server needs to be configured to detect the header you configured in the preceding procedure. For more specific instructions, consult the WebSphere documentation.
1.      Connect to the administration port for the WebSphere server.
2.      Navigate to Servers > Application Servers and then select the App Server.
3.      Navigate to Web Container Settings > Web Container > Custom Properties.
4.      Add a property named httpsIndicatorHeader and add a value of httpsoffload.

Note that the property value must match the value used in the BIG-IP system, without the trailing colon, and finally, the property and value are case sensitive. Be sure you do not capitalize the "H" in httpsIndicatorHeader for WebSphere versions 7 or greater.
1.      Navigate to Environment >Virtual Hosts and select the host for your application.
2.      Select Host Aliases.
3.      Add a property with the Host Name of * and a port of 443


at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Dump Event "systhrow" (00040000) Detail "java/lang/OutOfMemoryError" "Failed to create a thread: retVal -1073741830, errno 11" received

1. Output of the following commands (non root): ulimit -u ulimit -a df -k 2. From any of the JVM that is running, please get it's...