F5給oracle agile作SSL OFFLOAFD

需求：

Oracle Agile須要加密傳輸，須要F5作SSL OFFLOAD。

oracle support 說明：
Set "WebLogic Plug-In Enabled" settings (under Servers==>==>Advanced and under agileDomain==>Web Applications) to Yes. Also configure F5 load balancer to set HTTP header "WL-PROXY-SSL" to true. This resolved the issue.

Set 'WebLogic Plug-In Enabled' and restart server.

1. Login to weblogic admin console
2. Lock and edit
   a - In the left pane, click on agileDomain and Web Applications on the right pane
   b - Scroll down that right pane above and find the setting: WebLogic Plugin Enabled
   c - Enable the check box
3. Environment | Servers
4. Click on each managed cluster node link in the right pane
5. In the General tab, click on the Advanced section below
6. Set WebLogic Plug-In Enabled: to YES
7. Click on Save and Release configuration
8. Do this for each cluster moanaged node
9. Restart the weblogic Agile cluster

On the F5 loadbalancer, perform the equivalent of this setting ‘RequestHeader set WL-Proxy-SSL true’.

Try HTTPS url:
https://agile934Server.com/Agile/PLMServlet

Note: this applys to all proxy and load balancer.

How to set ‘RequestHeader set WL-Proxy-SSL ’ to true.

For Apache Reverse proxy:

In the apache httpd.conf file>
Uncomment ‘LoadModule headers_module modules/mod_headers.so’
Add ‘RequestHeader set WL-Proxy-SSL true’

For a loadbalancer like Netscaler:

enable ns feature REWRITE
add rewrite action Insert-SSL-Header insert_http_header WL-Proxy-SSL "\"true\"" -bypassSafetyCheck YES
add rewrite policy SSL-Header-policy HTTP.REQ.IS_VALID Insert-SSL-Header
bind lb vserver agilestage.corp-443 -policyName SSL-Header-policy -priority 100 -gotoPriorityExpression END -type REQUEST

F5配置：
配置標準80 vs，關聯80到443重定向
配置標準443 vs，關聯header inset 和uri重定向irule,

irule：
when HTTP_REQUEST {
HTTP::header insert "WL-Proxy-SSL true"
if { [HTTP::uri] equals "/" } {
HTTP::redirect https://[HTTP::host]/Agile}
}

優點：經過F5作SSL OFFLOAD，可以節約後端大量的開發時間。