SSL offloading and X Header - General Discussions - General Discussions - Progress Community
 General Discussions

SSL offloading and X Header

  • SSL offloading and X Header
  • Hi,

     I would need technical details on how the SSL offloading should be done for my sitefinity website: do I need to have a specific X Header being sent in order to have SSL off-loading properly working ? or simply the site will be fully coded in relative path, thus no need for any X header ?

     Please need your support on it


    Thank you


  • Hello Dimitri,

    Make sure to use "Require SSL" of page setting might not work as expected when there is a SSL offloading solution. The problem is that Sitefinity instances are doing redirects to https:// because of this setting. If you use this option (Require SSL) and request the page under http:// the redirects are in fact and application is looping over and over.

    For example:
    If request coming from user is HTTPS (Require SSL), after the decrypting from the load balancing the request to web application will be HTTP, but Sitefinity requires accessing to this page to be in HTTPS only and makes redirect to HTTPS.

    https trafic
    Load balancer
    http traffic
    Web Server 1, Web Server 2, ...

    You can run the entire site in SSL, but please make sure the "Required SSL" option is switched to off.

    Ivelina Ganeva
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Sitefinity CMS Ideas&Feedback Portal and vote to affect the priority of the items