When a security scanner queries the AppInternals box on the HTTPS port, using an HTTP query, the web service returns an HTTP 200 message rather than the expected HTTP 404 error.
A security scanner returns a 200 HTTP result when querying the HTTPS port on SteelCentral AppInternals
Issue
Solution
This is true on AppInternals prior to v9.0.x release.
As of AppInternals v9.0.0, all communications is via SSL. Therefore you can expect the following results when accessing the AppInternals webservice:
- HTTP to port 80 will result in 'Unable to connect'
- HTTPS to port 443 will result in 'blank page'
- HTTP to port 3433 will redirect page to HTTPS on port 8433
Related Bugs
Attachments
Related Files
NOTICE: Riverbed® product names have changed. Please refer to the Product List for a complete list of product names.
Can't find an answer? Create a case