ASP.NET Request.ServerVariables["SERVER_PORT_SECURE"] and proxy SSL by load balancer

Posted by frankadelic on Stack Overflow See other posts from Stack Overflow or by frankadelic
Published on 2010-03-11T19:34:53Z Indexed on 2010/03/11 19:39 UTC
Read the original article Hit count: 356

Filed under:
|
|
|
|

We have some legacy ASP.NET code that detects if a request is secure, and redirects to the https version of the page if required.

This code uses Request.ServerVariables["SERVER_PORT_SECURE"] to detect if SSL is needed.

Our operations team has suggested doing proxy SSL at the load balancer (F5 Big-IP) instead of on the web servers (assume for the purposes of this question that this is a requirement).

The consequence would be that all requests appear as HTTP to the web server.

My question: how can we let the web servers known that the incoming connection was secure before it hit the load balancer? Can we continue to use Request.ServerVariables["SERVER_PORT_SECURE"]?

Do you know of a load balancer config that will send headers so that no application code changes are needed?

© Stack Overflow or respective owner

Related posts about https

Related posts about ssl