How to set the header value required by load balancers when configuring SSL-offloading for DNN. Some examples of the headers included:
Prerequisite. SSL must be enabled for the required sites (See "Setting SSL Settings for a Site") and any pages that should be secure should be configured as secure pages. See "Configuring Advanced Page Settings"
Now when a request arrives at the load balancer, if it has SSL offloading enabled it will pass the request onto the web server with the request rewritten from a secure to insecure request (E.g.
http://mysite.com/default.aspx). This will be the request that DotNetNuke processes. Normally DNN would then determine that the request is for a "secure" page and rewrite the path back to
https://mysite.com/default.aspx, but the existence of the header ensures that DNN knows it should instead serve the page up via HTTP. The results will then be passed back to the SSL-Offloading load balancer which will return the page to the user as those an SSL request was made (as is the case as the SSL certificate was verified by the load balancer which processes SSL requests more efficiently than the individual web server(s) would - as well as simplifying management by ensuring only the load balancer needs the SSL certificate installed rather than each web server).
Open topic with navigation