SSL requests always redirect to a host, through Proxy/Firewall

usenet

I have an existing application that connects to a remote server (eg.
server1.cisco.com) on the internet through a firewall/proxy (hosting
environment) using SSL and everything works fine. I am not sure what
configurations were made when this application was deployed.

Now, I have to connect to another remote server (eg.
SERVER2.cisco.com) from the same application. Notice they both are in
the same domain. For some reason, all the requests are being routed
to server1.cisco.com. From the conversations I have had, everyone
seems to have a different view of this problem ... proxy configuration,
reverse-proxy config, DNS, firewall, "hosts" file, certificate, cached
socket connections... I am puzzled. This works fine on my localhost
and redirects to the right hosts as expected. The difference between
localhost and the hosting environment being -- the way sockets are
created. Localhost creates socket directly on server1.cisco.com, or
server2.cisco.com port 443, whereas in the hosting environment, the
socket is always created on the proxy:443.

Thus:

1. What could be causing the redirects to only server1.cisco.com?

2. Since the socket is always created on the proxy:443, how will the
proxy know to direct the request to the intended remote host server1,
or server2.cisco.com. Is it from the HTTP header info? If so, which
tag of the HTTP header info indicates that?
"POST https://server1.cisco.com/s1_path/servlet/Servlet1" or the
"Host: server1.cisco.com"???

The reason I suspect if the "Host: server1.cisco.com" tag is being
read is because if I printed in the header "POST
https://server2.cisco.com/S2_PATH/SERVLET/SERVLET2" the request is
being forwarded as https://server1.cisco.com/S2_PATH/SERVLET/SERVLET2,
no matter what I put in the "Host: Host_Name". In fact, I could even
write www.google.com and the request would still go to
server1.cisco.com.

If you have noticed the above URL closely, you would have seen that
the host name of server1 and the path of server 2 are concatenated.
Something in the environment is re-constructing the URL this way -
proxy, DNS, someone! So, I get a 404 error, because there is no
resource/path /S2_PATH/SERVLET/SERVLET2 on server1.cisco.com.


Below is the code snippet:

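import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.io.PrintStream;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;

// Register the Sun JSSE provider.
java.security.Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
// The SSL socket is opened to the proxy, not to DESTINATION_HOST.
SSLSocket socket = (SSLSocket) factory.createSocket(PROXY_SERVER, PROXY_PORT);
socket.startHandshake();
BufferedReader buffReader = new BufferedReader(new InputStreamReader(socket.getInputStream()));
PrintStream prntStrm = new PrintStream(socket.getOutputStream());

// Request line with an absolute URL, followed by the request headers.
prntStrm.println("POST https://" + DESTINATION_HOST + "/"
    + " HTTP/1.0\r\ncontent-type: text/html"
    + "\r\ncontent-length: " + YOUR_PUUNCHOUT_CONTENT.length()
    + "\r\nUser-Agent: " + USER_AGENT
    + "\r\nHost: " + DESTINATION_HOST + "\r\nConnection: keep-alive");
// Blank line that ends the headers, then the request body.
prntStrm.println("");
prntStrm.println(YOUR_PUUNCHOUT_CONTENT);

// Read the whole response until the peer closes the connection.
StringBuffer strBuf = new StringBuffer();
String inputLine;
while ((inputLine = buffReader.readLine()) != null) {
    strBuf.append(inputLine);
}

prntStrm.close();
buffReader.close();
socket.close();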

Any help appreciated!
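
On question 2 above, this added example (not part of the original post) applies the HTTP/1.1 rules in RFC 9112 for where a conforming proxy or server takes the destination from, and flags a Host header that disagrees with the request target. The function names and sample requests are constructed here from the host names in the post; what the proxy in the poster's environment actually does cannot be determined from the post.

```python
from urllib.parse import urlsplit

def split_authority(authority, default_port):
    """Split 'host[:port]' into (lowercased host, port)."""
    host, sep, port = authority.rpartition(":")
    if sep and port.isdigit():
        return host.lower(), int(port)
    return authority.lower(), default_port

def routing_target(raw, default_port=80):
    """Return (form, host, port, host_mismatch) for one HTTP/1.x request head."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    request_line, *header_lines = head.split("\r\n")
    method, target, _version = request_line.split(" ", 2)
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    host_header = headers.get("host")
    if method.upper() == "CONNECT":      # authority-form: tunnel request to a proxy
        form = "authority"
        host, port = split_authority(target, 443)
    elif "://" in target:                # absolute-form: the URL wins, Host is ignored
        form = "absolute"
        url = urlsplit(target)
        host = url.hostname
        port = url.port or (443 if url.scheme.lower() == "https" else 80)
    elif host_header:                    # origin-form: Host is the only name sent
        form = "origin"
        host, port = split_authority(host_header, default_port)
    else:
        raise ValueError("origin-form request without a Host header")
    # A Host header naming a different host than the target is worth logging.
    mismatch = bool(host_header) and split_authority(host_header, port)[0] != host
    return form, host, port, mismatch

# Constructed sample requests using the host names and path from the post.
SAMPLES = {
    "absolute": b"POST https://server2.cisco.com/S2_PATH/SERVLET/SERVLET2 HTTP/1.0\r\n"
                b"Host: www.google.com\r\n\r\n",
    "connect": b"CONNECT server2.cisco.com:443 HTTP/1.1\r\n"
               b"Host: server2.cisco.com:443\r\n\r\n",
    "origin": b"POST /S2_PATH/SERVLET/SERVLET2 HTTP/1.0\r\n"
              b"Host: server1.cisco.com\r\n\r\n",
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, routing_target(raw))
```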