HAPROXY-Weblogic, issue with https-ssl connection

Question

Recently have been deployed a web page using Weblogic Cluster. The page inside the WL works properly.

In front of the WebLogic Servers there are two servers with Apache, keepalived and HAPROXY installed.

The problem we have is that whenever you access from internet the web page, it display wells. Then when you put the user/password it sends an error saying: "Web Page /URL xxxxxxxxxxx not found."

If we go through http the whole time instaed of https, everything works fine. The problem seems that when haproxy (apache server) receives the http answser from the WL cluster, the HAPROXY can't handle it. The site is supposed to work the whole time as https.

Here is the configuration of the haproxy, because we think the problem is with this service itself. Since on the WL side, the portal works fine with http.

We tried to put a self-signed certificate on the WL cluster but we got two problems, the web page sends a time out after trying to log in or it won't simple display anyhting.

#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend  main
bind 172.20.1.43:5050
bind 172.20.1.43:443 ssl crt /etc/ssl/private/luminarias.pem
#mode tcp 
mode http
option tcp-check 
default_backend             app 

frontend check
bind 172.20.1.43:8014
mode http 
default_backend checkWebApp 

#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
backend app
balance roundrobin
#mode tcp
mode http
stats enable
stats auth system:xxxxx
cookie JSESSIONID prefix
option httpclose
option forwardfor
server WSASEP_APP1 7.7.7.2:8014 check inter 1s
server WSASEP_APP2 7.7.7.5:8014 check inter 1s

backend checkWebApp
balance roundrobin
mode http
stats enable
stats auth xxxxx:xxxxx
cookie JSESSIONID prefix
option httpclose
option forwardfor
server WSASEP_APP1 7.7.7.2:8014 check inter 1s
server WSASEP_APP2 7.7.7.5:8014 check inter 1s

From what you have described, you don’t seem to have anything to tell weblogic server that the request came in over https, which the login page is presumably requiring, so it redirects you to the https version of the URL and the cycle repeats because it never sees it coming in as https. You need to enable the ‘Uses WebLogic Module’ for the WLS managed server, and then either use weblogic module in Apache httpd (I would not do that)... or set the header that ‘Uses WebLogic Module’ expects (I can’t remember the name of that, but I’ve written something here before...) — Cameron Kerr, Dec 01 '18 at 08:06

score 0 · Accepted Answer · answered Jan 03 '19 at 12:02

Solution: Make sure the option "Weblogic plugin enabled" is ticked in the weblogic servers. So they know they should reply with https scheme in their redirects.

Second option: Weblogic plugin for apache also has an option which didn't yield too many good results for me "WLProxySSL on"

HAPROXY-Weblogic, issue with https-ssl connection

1 Answers1