ASP.NET Request.ServerVariables["SERVER_PORT_SECURE"] and proxy SSL by load balancer

Posted by frankadelic on Stack Overflow See other posts from Stack Overflow or by frankadelic
Published on 2010-03-11T19:34:53Z Indexed on 2010/03/11 19:39 UTC
Read the original article Hit count: 342

Filed under:

https

|

ssl

|

iis

|

load-balancing

|

ASP.NET

We have some legacy ASP.NET code that detects if a request is secure, and redirects to the https version of the page if required.

This code uses Request.ServerVariables["SERVER_PORT_SECURE"] to detect if SSL is needed.

Our operations team has suggested doing proxy SSL at the load balancer (F5 Big-IP) instead of on the web servers (assume for the purposes of this question that this is a requirement).

The consequence would be that all requests appear as HTTP to the web server.

My question: how can we let the web servers known that the incoming connection was secure before it hit the load balancer? Can we continue to use Request.ServerVariables["SERVER_PORT_SECURE"]?

Do you know of a load balancer config that will send headers so that no application code changes are needed?

© Stack Overflow or respective owner

Related posts about https

Need Java https proxy which can be enhanced to emulate production https proxy behaviour

as seen on Stack Overflow - Search for 'Stack Overflow'
I have a production environment which require access through a proxy server. Occasionally said server returns blank responses badly confusing the Metro web service library causing all kinds of interesting RuntimeExceptions. I believe the proxy is Squid. In order to handle these better, I would… >>> More
How To Find Out If You are Using HTTPS Without $_SERVER['HTTPS']

as seen on Stack Overflow - Search for 'Stack Overflow'
I've seen many tutorials online that says you need to check $_SERVER['HTTPS'] if the server is connection is secured with HTTPS. My problem is that on some of the servers I use, $_SERVER['HTTPS'] is an undefined variable that results in an error. Is there another variable I can check that should always… >>> More
Redirect request from https domain to https subdomain with only one certificate

as seen on Server Fault - Search for 'Server Fault'
I'm trying to redirect users to a subdomain in server2 if they make an https request to server1. I only have one certificate, and that's installed on server2. So for instance, from (server1) https://www.example.com to (server2) https://ssl.example.com My best guess is that I will need a certificate… >>> More
Apache: https to https redirect

as seen on Super User - Search for 'Super User'
I'm trying to get Apache to redirect all http and https traffic to a single endpoint www.example.org. The http part is easy: <VirtualHost *:80> ServerName example.org Redirect permanent / https://www.example.org/ </VirtualHost> # long list of other domains, all redirecting to… >>> More
SSL / HTTP / No Response to Curl

as seen on Server Fault - Search for 'Server Fault'
I am trying to send commands to a SOAP service, and getting nothing in reply. The SOAP service is at a completely separate site from either server I am testing with. I have written a dummy script with the SOAP XML embedded. When I run it at my local site, on any of three machines -- OSX, Ubuntu,… >>> More

Related posts about ssl

Plesk SSL Certificate (Default cert when SSL enabled, CORRECT cert when SSL is disabled)

as seen on Server Fault - Search for 'Server Fault'
I'm running Plesk 8.6.0: I have an SSL cert installed through Plesk's admin interface. But I have a bit of an issue: When I enabled SSL for the site, and selected my cert, then restart httpd, Plesk defaults to using my self-signed default certificate. Conversely, when I disable SSL support for the… >>> More
apache renew ssl not working [on hold]

as seen on Server Fault - Search for 'Server Fault'
Downloaded a new ssl cert from go daddy and installed the cert on apache2 server put the cert in /etc/ssl/certs/ folder put the gd_bundle.crt in the /etc/ssl/ folder private key is in /etc/ssl/private/private.key I just replaced the original files with the new files, did not replace the private… >>> More
Cant connect to mysql using self signed SSL certificate

as seen on Server Fault - Search for 'Server Fault'
After creating a self-signed SSL certificate, I have configured my remote mysqld to use them (and ssl is enabled) I ssh into my remote server, and try connecting to its own mysqld using ssl (mysql server is 5.5.25).. ~> mysql -u <user> -p --ssl=1 --ssl-cert=client.cert --ssl-key=client… >>> More
How to log invalid client SSL certificate in SSL

as seen on Server Fault - Search for 'Server Fault'
I have a IIS web site which requires client certificate. I have turned off CRL checking. The client is unable to access the web site - he gets 403.17 (certificate expired) error. I would like to log the certificate he is using, becaue I think he is using the wrong certificate. Is there a way to… >>> More
Mixing SSL and non-SSL content in an Apache2 virtual host

as seen on Server Fault - Search for 'Server Fault'
I have a (hopefully) common scenario for one of my sites that I just can't seem to figure out how to deploy correctly. I have the following site and directories for example.com: These need to require SSL: /var/www/example.com/admin /var/www/example.com/order These need to be non-SSL: /var/www/example… >>> More