Defining an SSL connection behind a load balancer

Question

Defining an SSL connection behind a load balancer

Look for the best practice here. We are dealing with an SSL connection at our load balancer level, and therefore the entire connection to our load balancer on our web servers is http. However, we can’t say what kind of connection the client makes on our web server, since the entire connection is via http. We currently have 2 solutions: one must have a load balancer in order to add the port number to the URL string so that we can determine the type of request (for example, 80 for http and 443 for https). Another solution is that the load balancer adds a special header when it receives an https request so that the web servers know the type of connection.

Do you see cons in both solutions? Is there any best practice for using SSL at the load balancing level instead of the web server level?

+3

ssl load-balancing

Herman Mar 23 '09 at 21:04

source share

2 answers

. IP- ( ), - . x-forwarded-for.

+1

erickson 24 . '09 19:53

Clyde · Accepted Answer · 2009-03-23T21:08:43+0000

I would prefer a headline, I think. Adding something to the URLs makes it possible, no matter how thin it is, that you come across a query string parameter that the application wants to use. Custom title will be easier.

The third option may consist of redirecting ssl connections to another port, say, 8080, so on the back panel you know that for connections to port 80 there was http, and with 8080 ports 443 were started, although at the moment they are both http .

Defining an SSL connection behind a load balancer

More articles: