on ‎2008 Dec 15 7:59 PM
We are running EP 7.0 SP14 and have set it up to run through a Cisco ACE loadbalancer. We have also setup SSL with the certificate on the ACE load balancer. Everythign work fine, except we keep getting a Security Alert popup message in IE that states "You are about to be redirected to a connection that is not secure."
Are there some additional configurations that I need to do in EP to make this go away?
Maximum points to the first correct answer.
Request clarification before answering.
maintain the portal HTTPS URL (https://fqdn:50x01/irj) in your loadblancer url settings,
to avoid this alert you need to maintain https access to all your backend system connections, as slava suggested do a trace with the http watch and identify the where the switch happens from https to http .
jo
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
There are 2 areas that we consistantly see this message, one logout and when running a VC application. Using IEWatch, the URL of the logout does change to http. However, I can not see the URL change to http for the VC app. My guess is that the non-SSL call is occurring within the VC application, and therefore not recorded by IEWatch.
How do I change the URL call of the logout to https?
Does anyone know what to check for within the VC code?
You can change logoff URL to any value:
http://help.sap.com/saphelp_nw04s/helpdata/en/44/aada5230be5e77e10000000a155369/frameset.htm
Regarding VC apps.
It is strange you cannot see HTTP in the IEWatch. IE should not be able to alert about something it does not see. I suggest you to use something more substantial to trace network calls: http://www.wireshark.org
This is the best tool I know for network tracing.
Regards,
Slava
We switched the logoff URL to [https://<portal>/] and when the user logs off, it does forward them to this URL, but then the server redirects the browser to [http://<portal>/irj/portal]. The server does not know that it is secured. Plus, the logon screen is still posting to the unsecured URL.
Is there a setting in Portal or in WAS that we need to set specifying that the application is secured?
Try to use logoff URL https://<portal>/irj/portal instead of https://<portal>/
| User | Count |
|---|---|
| 8 | |
| 5 | |
| 5 | |
| 4 | |
| 4 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.