2 Replies Latest reply: Nov 29, 2013 10:48 AM by mlustfield RSS

    SSL Redirection

    mlustfield

      I'm doing SSL Scanning with traffic within our company using a Web Gateway 7 appliance. If the browser supports SNI (these do), I'm able to redirect based on the host requested. However, I need to match the path as well. I'm basically trying to do https://domain.com/request.xhtml --> https://internal.com/request. Since I'm doing SSL scanning, it seems like I should be able to do this, but I'm not figuring out how. Has anyone done this that could help me figure it out?

        • 1. Re: SSL Redirection
          Jon Scholten

          Based on the fact that it is not working with path information, I would guess that SSL scanning is NOT applying. You should also check to see that for the initial request you see the Web Gateway's CA certificate.

           

          If you're using a modern browser (ie9+ or FF or chrome), you can use F12 tools, to see if the Web Gateway is actually sending the redirect.

           

          If you run rule traces, do you see any requests for the full URL instead of just the host?

           

          Best,

          Jon

          • 2. Re: SSL Redirection
            mlustfield

            Thanks! The rule tracing helped me realized that only some requests were being sent to the correct domain. When the request actually goes to the gateway, it works exactly like it's supposed to.