Users will need to set the SSL offload header value indicates that the traffic from the client to the reverse proxy is encrypted. This article explains how to set the header value required by load balancers when configuring SSL offloading for DNN.
- SSL must be enabled for the required sites and any pages that should be secure should be configured as secure pages
- Access to the Load Balancer
- Access to a SuperUser account.
- Navigate to Settings > Security > More
- Edit the SSL Offload Header Value section.
- In the text box, enter the header value. E.g. X-FORWARDED-FOR
Now when a request arrives at the load balancer, if it has SSL offloading enabled it will pass the request onto the webserver with the request rewritten from a secure to insecure request (E.g.
http://mysite.com/default.aspx). This will be the request that DotNetNuke processes.
You will need to check the logs on the load balancer to see the request.
Normally DNN would then determine that the request is for a "secure" page and rewrite the path back to
https://mysite.com/default.aspx, but the existence of the header ensures that DNN knows it should instead serve the page up via HTTP.
The results will then be passed back to the SSL-Offloading load balancer which will return the page to the user as those an SSL request was made (as is the case as the SSL certificate was verified by the load balancer which processes SSL requests more efficiently than the individual web server(s) would - as well as simplifying management by ensuring only the load balancer needs the SSL certificate installed rather than each webserver).