My Oracle Support Banner

WebLogic Server Redirects SSL HTTPS requests with WL-Proxy-SSL header as HTTP (non-secure) Requests (Doc ID 1076734.1)

Last updated on AUGUST 16, 2023

Applies to:

Oracle WebLogic Server - Version 10.3 to 10.3.1
Information in this document applies to any platform.


Issue was found in WebLogic Server (WLS) where WLS redirects SSL HTTPS requests with WL-Proxy-SSL header as HTTP (non-secure) requests.

For example, when using a F5 BigIP load balancer to do the SSL termination for WLS, we see from the WLS logs that F5 is correctly passing the WL-Proxy-SSL:true in the HTTP header to WLS. However, WLS still considers that it is serving a non-SSL request, and does all the redirects in HTTP.




To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.