WebLogic Server Redirects SSL HTTPS requests with WL-Proxy-SSL header as HTTP (non-secure) Requests
(Doc ID 1076734.1)
Last updated on AUGUST 16, 2023
Applies to:Oracle WebLogic Server - Version 10.3 to 10.3.1
Information in this document applies to any platform.
Issue was found in WebLogic Server (WLS) where WLS redirects SSL HTTPS requests with WL-Proxy-SSL header as HTTP (non-secure) requests.
For example, when using a F5 BigIP load balancer to do the SSL termination for WLS, we see from the WLS logs that F5 is correctly passing the WL-Proxy-SSL:true in the HTTP header to WLS. However, WLS still considers that it is serving a non-SSL request, and does all the redirects in HTTP.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document