https://community.cisco.com/t5/application-networking/css-ssl-re-write/m-p/323553#M5281 <P>I am in the process of replacing my present css with the newer 11503s with SSl offload capability. I did some initial testing and was unable to perform the url rewrite. I did some research and found that the web server must give a 300 code redirect to make the CSS re-write and HTTP link. </P><P> Is therea design plan available which will allow the web server, which doesn't send a 300 code for an link- especially the ones with HREF- the ability to convert http to https and still maintain the session.</P><P></P><P>I am trying to use 2 CSS11503s in a one arm design, with the css performing the SSL offload. The css encrypts the first page, but doesn't encrypt the links which use HREF.</P><P></P><P>Any ideas?</P><P></P><P></P> Sun, 23 Jan 2005 03:43:32 GMT wilsons5 2005-01-23T03:43:32Z https://community.cisco.com/t5/application-networking/css-ssl-re-write/m-p/323553#M5281 <P>I am in the process of replacing my present css with the newer 11503s with SSl offload capability. I did some initial testing and was unable to perform the url rewrite. I did some research and found that the web server must give a 300 code redirect to make the CSS re-write and HTTP link. </P><P> Is therea design plan available which will allow the web server, which doesn't send a 300 code for an link- especially the ones with HREF- the ability to convert http to https and still maintain the session.</P><P></P><P>I am trying to use 2 CSS11503s in a one arm design, with the css performing the SSL offload. The css encrypts the first page, but doesn't encrypt the links which use HREF.</P><P></P><P>Any ideas?</P><P></P><P></P> Sun, 23 Jan 2005 03:43:32 GMT https://community.cisco.com/t5/application-networking/css-ssl-re-write/m-p/323553#M5281 wilsons5 2005-01-23T03:43:32Z https://community.cisco.com/t5/application-networking/css-ssl-re-write/m-p/323554#M5282 <HTML><HEAD></HEAD><BODY><P>The SCA is the only ssl offloader that will rewrite any HREF.</P><P>But this requires inspection of every packet sent by the server and has a huge impact on performance.</P><P>Therefore nobody uses this feature except people for which performance is not a requirement.</P><P></P><P></P><P>So, in your case, you should redesign your webserver to send correct HREF.</P><P>You should never use direct link like <A class="jive-link-custom" href="http://" target="_blank">http://</A>.... but instead relative link like ../../...</P><P></P><P>Regards,</P><P></P><P>Gilles.</P></BODY></HTML> Sun, 23 Jan 2005 14:43:57 GMT https://community.cisco.com/t5/application-networking/css-ssl-re-write/m-p/323554#M5282 Gilles Dufour 2005-01-23T14:43:57Z