Download This Guide
Related Documentation
- Configuration Statements for the Redirect Server (SRC CLI)
- Defining Traffic to Transmit to the Redirect Server (SRC CLI)
- Commands to Manage Digital Certificates
Configuring Redirect Server to Support HTTPS Traffic (SRC CLI)
The SRC software supports to redirect HTTPS IP traffic to a configured destination Web server by using the redirect server. The SRC software intercepts the IP traffic at port 443 and forward it to the port in which the redirect server is configured to listen for HTTPS IP traffic. The redirect server accepts HTTPS IP traffic only from the ports that you configured by using the https-port option at the [edit redirect-server ip-redirect] hierarchy level.
Before you start with setting up a redirection for HTTPS IP traffic, you must create a certificate with the domain name of the URL.
 | Note: Whenever you open up an HTTPS page, you get a security warning in the browser for the mismatch between common name of the certificate with the domain name of the URL until you add an exception for the certificate in the browser. |
Use the following statements to configure the redirect server to support HTTPS IP traffic:
| Note: We recommend that you do not use the SSLv2 protocol, because it is deprecated. |
To configure the redirect server to support HTTPS IPv4 traffic:
- In configuration mode, enter the configuration statement
that enables the SRC redirect server to redirect HTTPS IPv4 traffic
to a configured destination Web server.[edit]user@host# redirect-server https
- Configure the HTTPS port on which the redirect server
runs. [edit redirect-server https]user@host# set port port
- Configure the imported Secure Sockets Layer (SSL) certificate.
To import the SSL certificate, use the request security import-certificate command.
For information about manually obtaining certificates, see Manually Obtaining Digital Certificates (SRC CLI).
[edit redirect-server https]user@host# certificate-identifier certificate-identifier - Configure the secure connection protocol to be used by
the redirect server for IPv4 traffic. The default protocol is TLSv1.[edit redirect-server https]user@host# protocol (SSLv2 | SSLv23 | SSLv3 | TLSv1)
To configure the redirect server to support HTTPS IPv6 traffic:
- In configuration mode, enter the configuration statement
that enables the SRC redirect server to redirect HTTPS IPv6 traffic
to a configured destination Web server.[edit]user@host# redirect-server ipv6-redirect https
- Configure the HTTPS port on which the redirect server
runs.[edit redirect-server ipv6-redirect https]user@host# set port port
- Configure the imported Secure Sockets Layer (SSL) certificate.
To import the SSL certificate, use the request security import-certificate command.
For information about manually obtaining certificates, see Manually Obtaining Digital Certificates (SRC CLI).
[edit redirect-server ipv6-redirect https]user@host# certificate-identifier certificate-identifier - Configure the secure connection protocol to be used by
the redirect server for IPv6 traffic. The default protocol is TLSv1.[edit redirect-server ipv6-redirect https]user@host# protocol (SSLv2 | SSLv23 | SSLv3 | TLSv1)
Related Documentation
- Configuration Statements for the Redirect Server (SRC CLI)
- Defining Traffic to Transmit to the Redirect Server (SRC CLI)
- Commands to Manage Digital Certificates
