Try Now
More in this section

Forums / General Discussions / SSL offloading and X Header

SSL offloading and X Header

2 posts, 0 answered
  1. Dimitri
    Dimitri avatar
    1 posts
    30 Sep 2014
    28 Apr 2015
    Link to this post


     I would need technical details on how the SSL offloading should be done for my sitefinity website: do I need to have a specific X Header being sent in order to have SSL off-loading properly working ? or simply the site will be fully coded in relative path, thus no need for any X header ?

     Please need your support on it


    Thank you


  2. Ivelina Ganeva
    Ivelina Ganeva avatar
    4 posts
    07 Jul 2016
    30 Apr 2015
    Link to this post
    Hello Dimitri,

    Make sure to use "Require SSL" of page setting might not work as expected when there is a SSL offloading solution. The problem is that Sitefinity instances are doing redirects to https:// because of this setting. If you use this option (Require SSL) and request the page under http:// the redirects are in fact and application is looping over and over.

    For example:
    If request coming from user is HTTPS (Require SSL), after the decrypting from the load balancing the request to web application will be HTTP, but Sitefinity requires accessing to this page to be in HTTPS only and makes redirect to HTTPS.

    https trafic
    Load balancer
    http traffic
    Web Server 1, Web Server 2, ...

    You can run the entire site in SSL, but please make sure the "Required SSL" option is switched to off.

    Ivelina Ganeva
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Sitefinity CMS Ideas&Feedback Portal and vote to affect the priority of the items
2 posts, 0 answered