SSL Termination on BigIP causing security warnings in TeamSite

Stange

I've tried to find others that have run into this same issue to no avail. So here is the issue:

We have users accessing TeamSite over SSL but the SSL certificate is being terminated on the BigIP. After the BigIP, the traffic is clear text. This is causing multiple security warning pop-up messages ("Your are about to be redirected to a connection that is not secure." and "This page contains both secure and nonsecure items.")

A possible solution was identified (http://www.unc.edu/~adamc/docs/tomcat/tc-accel.html) where an SSL header entry is injected at the BigIP but a subsequent change identified in the link above would have to be made on the TeamSite server (Tomcat?). A case was opened with support and we were told it was outside the scope of standard support...but consulting services could be engaged.

Has anyone else run into this issue and found a resolution? We have 4 options at this point:
1. Figure out what change needs to be made on the TeamSite application server...even though it would be unsupported.
2. Modify 2 advanced browser settings to suppress the pop-up
3. Remove SSL from the BigIP
4. Add an SSL certificate on the application server

We are running TeamSite 7.2.1 on Solaris 10.

Thanks,

Jim

thatfish

No Experience of BigIP and am assuming you are offloading the https traffic to it so it does sound like a professional services task. Also, making some assumptions on your infrastructure.

Firstly, the CMS is relatively low traffic so why use an SSL proxy ?

Option 1 is valid although I'd suggest engaging with professional services as A-Iwov have advised.

Given the options below I would go for option 4 (are you sure this is a valid option given that it sounds like the role of BigIP in your infrastructure is to manage https traffic so can this be bypassed ?).

I also suggest firstly validating that your CMS traffic need to be over https e.g. are users accessing the system from outside your network.