CTX117344
NetScaler
NetScaler_all
Licensing,Security
2016-05-02
2005-06-06
This article contains information about configuring URL redirection for Secure Socket Layer (SSL) on a NetScaler appliance.

Objective

This article contains information about configuring URL redirection for Secure Socket Layer (SSL) on a NetScaler appliance.

At times, to ensure a secure access to the Web site, the client request can be redirected to a secure link. The URL redirection feature enables to redirect a client request to a secure Web site on SSL.

To redirect client requests, configure the two Load Balancing virtual servers (VServers) in such a way that when the HTTP requests reach the first Load Balancing VServer, which is always down, the requests are redirected to the second Load Balancing VServer with HTTPS request due to the Content Switching policy configured on the appliance.


Instructions

To configure URL redirection for SSL on a NetScaler appliance, complete the following procedure:

  1. If not already enabled, run the following command from the command line interface of the NetScaler appliance to enable the Content Switching feature:

    enable ns feature CS

  2. Run the following commands to create two Load Balancing VServers:

    add lb vserver <First_LB_Server_Name> HTTP 0.0.0.0 0 -persistenceType NONE -cltTimeout 180
    add lb vserver <Second_LB_Server_Name> HTTP 0.0.0.0 0 -persistenceType NONE -state DISABLED -redirectURL https://www.example.com/ -cltTimeout 180

    The following screen shots display the corresponding VServers created from the GUI of the appliance:

    User-added image

    User-added image

    Note: One of these VServers serves all the client requests and the other only performs URL redirection. The second VServer is disabled because the sole purpose of the VServer is to redirect URLs.

  3. Run the following commands to create Content Switching VServers:

    add cs vserver <CS_HTTP_VSERVER_Name> HTTP 1.1.1.1 80
    add cs vserver <CS_SSL_VSERVER_Name> SSL 1.1.1.1 443

    Note: If you have already created a Load Balancing VServer with the same IP address and port number, you must remove it before completing this step.

  4. Run the following commands to bind the respective Load Balancing and Content Switching VServers created in this procedure:

    bind cs vserver <CS_HTTP_VSERVER_Name> <Second_LB_Server_Name>
    bind cs vserver <CS_SSL_VSERVER_Name> <First_LB_Server_Name>

    The following screen shots display the corresponding bindings of the VServers from the GUI of the appliance, which??must be removed??before completing this step:

    User-added image

    User-added image

    Note: In addition to the server, you must bind the appropriate services to the Load Balancing VServers and the SSL key certificate pairs to the SSL Content Switching VServer.


Additional Resources


Applicable Products


 

Join the conversation

Citrix Discussions

Open a case

Citrix Support

特别说明


本文来源为Citrix.com所有,翻译后版权归翻译者所有.如需转载请注明出处.

文档版本


.

广告招租


最新留言


.

广告招租


.