需求:
Oracle Agile需要加密传输,需要F5做SSL OFFLOAD。
oracle support 说明:
Set "WebLogic Plug-In Enabled" settings (under Servers==>==>Advanced and under agileDomain==>Web Applications) to Yes. Also configure F5 load balancer to set HTTP header "WL-PROXY-SSL" to true. This resolved the issue.
Set 'WebLogic Plug-In Enabled' and restart server.
- Login to weblogic admin console
- Lock and edit
a - In the left pane, click on agileDomain and Web Applications on the right pane
b - Scroll down that right pane above and find the setting: WebLogic Plugin Enabled
c - Enable the check box - Environment | Servers
- Click on each managed cluster node link in the right pane
- In the General tab, click on the Advanced section below
- Set WebLogic Plug-In Enabled: to YES
- Click on Save and Release configuration
- Do this for each cluster moanaged node
- Restart the weblogic Agile cluster
On the F5 loadbalancer, perform the equivalent of this setting ‘RequestHeader set WL-Proxy-SSL true’.
Try HTTPS url:
https://agile934Server.com/Agile/PLMServlet
Note: this applys to all proxy and load balancer.
How to set ‘RequestHeader set WL-Proxy-SSL ’ to true.
For Apache Reverse proxy:
In the apache httpd.conf file>
Uncomment ‘LoadModule headers_module modules/mod_headers.so’
Add ‘RequestHeader set WL-Proxy-SSL true’
For a loadbalancer like Netscaler:
enable ns feature REWRITE
add rewrite action Insert-SSL-Header insert_http_header WL-Proxy-SSL "\"true\"" -bypassSafetyCheck YES
add rewrite policy SSL-Header-policy HTTP.REQ.IS_VALID Insert-SSL-Header
bind lb vserver agilestage.corp-443 -policyName SSL-Header-policy -priority 100 -gotoPriorityExpression END -type REQUEST
F5配置:
配置标准80 vs,关联80到443重定向
配置标准443 vs,关联header inset 和uri重定向irule,
irule:
when HTTP_REQUEST {
HTTP::header insert "WL-Proxy-SSL true"
if { [HTTP::uri] equals "/" } {
HTTP::redirect https://[HTTP::host]/Agile}
}
优势:通过F5做SSL OFFLOAD,能够节约后端大量的开发时间。
578
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
