WebLogic Server Redirects SSL HTTPS requests with WL-Proxy-SSL header as HTTP (non-secure) Requests
Last updated on NOVEMBER 05, 2016
Applies to:Oracle WebLogic Server - Version 10.3 to 10.3.1
Information in this document applies to any platform.
***Checked for relevance on 25-Mar-2016***
Issue was found in WebLogic Server (WLS) where WLS redirects SSL HTTPS requests with WL-Proxy-SSL header as HTTP (non-secure) requests.
For example, when using a F5 BigIP load balancer to do the SSL termination for WLS, we see from the WLS logs that F5 is correctly passing the WL-Proxy-SSL:true in the HTTP header to WLS. However, WLS still considers that it is serving a non-SSL request, and does all the redirects in HTTP.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
Million Knowledge Articles and hundreds of Community platforms