Setting the SSL Offload Header Value

Overview

Users will need to set the SSL offload header value indicates that the traffic from the client to the reverse proxy is encrypted. This article explains how to set the header value required by load balancers when configuring SSL offloading for DNN.

 

Prerequisite

 

Solution

  1. Navigate to Settings > Security > More
  2. Edit the SSL Offload Header Value section.
  3. In the text box, enter the header value. E.g. X-FORWARDED-FOR

 

Testing

Now when a request arrives at the load balancer, if it has SSL offloading enabled it will pass the request onto the webserver with the request rewritten from a secure to insecure request (E.g. https://mysite.com/default.aspx to http://mysite.com/default.aspx). This will be the request that DotNetNuke processes.

You will need to check the logs on the load balancer to see the request.

Normally DNN would then determine that the request is for a "secure" page and rewrite the path back to https://mysite.com/default.aspx, but the existence of the header ensures that DNN knows it should instead serve the page up via HTTP.

The results will then be passed back to the SSL-Offloading load balancer which will return the page to the user as those an SSL request was made (as is the case as the SSL certificate was verified by the load balancer which processes SSL requests more efficiently than the individual web server(s) would - as well as simplifying management by ensuring only the load balancer needs the SSL certificate installed rather than each webserver).

Comments

0 comments

Please sign in to leave a comment.