SSL offloading and X Header

Posted by Community Admin on 03-Aug-2018 02:33

SSL offloading and X Header

Sitefinity - General Discussions

All Replies

Posted by Community Admin on 28-Apr-2015 00:00

Hi,

 I would need technical details on how the SSL offloading should be done for my sitefinity website: do I need to have a specific X Header being sent in order to have SSL off-loading properly working ? or simply the site will be fully coded in relative path, thus no need for any X header ?

 Please need your support on it

 

Thank you

 Dimitri

Posted by Community Admin on 30-Apr-2015 00:00

Hello Dimitri,

Make sure to use "Require SSL" of page setting might not work as expected when there is a SSL offloading solution. The problem is that Sitefinity instances are doing redirects to https:// because of this setting. If you use this option (Require SSL) and request the page under http:// the redirects are in fact and application is looping over and over.

For example:
If request coming from user is HTTPS (Require SSL), after the decrypting from the load balancing the request to web application will be HTTP, but Sitefinity requires accessing to this page to be in HTTPS only and makes redirect to HTTPS.

https trafic
     |
Load balancer
     |
http traffic
     |
Web Server 1, Web Server 2, ...

You can run the entire site in SSL, but please make sure the "Required SSL" option is switched to off.

Regards,
Ivelina Ganeva
Telerik

 
Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Sitefinity CMS Ideas&Feedback Portal and vote to affect the priority of the items
 

This thread is closed