WebLogic Server Redirects SSL HTTPS requests with WL-Proxy-SSL header as HTTP (non-secure) Requests

(Doc ID 1076734.1)

Last updated on NOVEMBER 05, 2016

Applies to:

Oracle WebLogic Server - Version 10.3 to 10.3.1
Information in this document applies to any platform.
***Checked for relevance on 25-Mar-2016***


Symptoms

Issue was found in WebLogic Server (WLS) where WLS redirects SSL HTTPS requests with WL-Proxy-SSL header as HTTP (non-secure) requests.

For example, when using a F5 BigIP load balancer to do the SSL termination for WLS, we see from the WLS logs that F5 is correctly passing the WL-Proxy-SSL:true in the HTTP header to WLS. However, WLS still considers that it is serving a non-SSL request, and does all the redirects in HTTP.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms