A user might attempt to access a secure web site by sending an HTTP request. You can drop such requests or redirect the request to the secure web site. In earlier releases, to redirect the request to the secure web site, you were required to do the following:
- Add HTTP and HTTPS virtual servers with the same IP address but different ports.
- Add a responder action that redirects all traffic to the HTTPS virtual server.
- Add a responder policy specifying the above action, and bind the policy to the HTTP virtual server.
From release 11.1, you can configure an HTTPS virtual server to also process all HTTP traffic. That is, if HTTP traffic is received on the HTTPS virtual server, the appliance internally prepends "https://" to the incoming URL or redirects the traffic to another HTTPS URL, depending on the option configured.
To achieve this, two new parameters, -httpsRedirectUrl and -redirectFromPort are added to the "add lb vserver" command.
- redirectFromPort: All HTTP traffic received on this port is prefixed with https:// in the URL and redirected.
- httpsRedirectUrl: All HTTP traffic received on the port specified in the -redirectFromPort parameter is redirected to this URL. For example, all HTTPS traffic received on http://www.example.com is redirected to https://www.sample.com.
To configure HTTP to HTTPS redirect by using the NetScaler command line
At the command prompt, type:
add lb vserver <name> <serviceType> -redirectFromPort <port | *> -httpsRedirectUrl <URL>
To configure HTTP to HTTPS redirect by using the NetScaler GUI
- Navigate to Traffic Management > Load Balancing > Virtual Servers.
- Add a virtual server of type SSL and click OK.
- Edit Basic Settings, click More, and add values for Redirect From Port and HTTPS Redirect URL.