Reputation: 20803
ASP.NET Request.ServerVariables["SERVER_PORT_SECURE"] and proxy SSL by load balancer
We have some legacy ASP.NET code that detects if a request is secure, and redirects to the https version of the page if required.
This code uses Request.ServerVariables["SERVER_PORT_SECURE"] to detect if SSL is needed.
Our operations team has suggested doing proxy SSL at the load balancer (F5 Big-IP) instead of on the web servers (assume for the purposes of this question that this is a requirement).
The consequence would be that all requests appear as HTTP to the web server.
My question: how can we let the web servers known that the incoming connection was secure before it hit the load balancer? Can we continue to use Request.ServerVariables["SERVER_PORT_SECURE"]?
Do you know of a load balancer config that will send headers so that no application code changes are needed?
Upvotes: 3
Views: 3033
Answers (1)
Reputation: 21178
Use an iRule to effectively add a custom element to the HTTP header and then detect it in the ASP.NET code via Request.Headers. Dig into the collection of the Request.Headers object as well as your F5 hardware may already be marking itself on one of the HTTP Headers anyway.
Upvotes: 2
Related Questions
- IIS ARR load balanced config with SSL
- Redirecting HTTP to HTTPS behind load balancer
- How to use HTTPS in an ASP.Net Application
- HTTPS Urls When SSL Terminated At Load Balancer
- Configuring F5 Load Balancer and IIS Web server with two separate SSL certificates
- IIS: How to simulate SSL termination on load balancer
- running WCF behind loadbalancer where LB connection to IIS is http and client connection to LB is HTTPS
- How to gain SSL load balancing?
- WCF SSL over load balancer. Load balancer changing ssl port
- How to set up SSL in a load balanced environment?