ASP.NET Request.ServerVariables["SERVER_PORT_SECURE"] and proxy SSL by load balancer
- by frankadelic
We have some legacy ASP.NET code that detects if a request is secure, and redirects to the https version of the page if required.
This code uses Request.ServerVariables["SERVER_PORT_SECURE"] to detect if SSL is needed.
Our operations team has suggested doing proxy SSL at the load balancer (F5 Big-IP) instead of on the web servers (assume for the purposes of this question that this is a requirement).
The consequence would be that all requests appear as HTTP to the web server.
My question: how can we let the web servers known that the incoming connection was secure before it hit the load balancer? Can we continue to use Request.ServerVariables["SERVER_PORT_SECURE"]?
Do you know of a load balancer config that will send headers so that no application code changes are needed?