端口 443 上负载均衡器后面的 HTTP 到 HTTPS 重定向
[英]HTTP to HTTPS redirect behind Load Balancer on port 443
问题描述
I have a load balancer listening on both ports 80 and 443, but due to a security policy the traffic between the load balancer and the web servers must be encrypted.
我有一个负载平衡器同时监听 80 和 443 端口,但由于安全策略,负载平衡器和 Web 服务器之间的流量必须加密。 I'm trying to produce a redirect from http to https, but the usual methods aren't working, presumeably because IIS can't tell the difference between the originating requests on http vs https.我正在尝试生成从 http 到 https 的重定向,但通常的方法不起作用,大概是因为 IIS 无法区分 http 和 https 上的原始请求之间的区别。 This is because by the time the request gets to the web server it is already encrypted and coming down port 443.这是因为当请求到达 Web 服务器时,它已经被加密并从端口 443 下降。
Right now I'm using the rewrite module with mods to web.config, and the redirect works fine for 80->LB->80 traffic, but not for 80->LB->443 traffic.现在我正在使用带有 mods 的 rewrite 模块到 web.config,重定向适用于 80->LB->80 流量,但不适用于 80->LB->443 流量。
Here's my web.config:这是我的 web.config:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="HTTP to HTTPS redirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" redirectType="Found" url="https://{HTTP_HOST}/{R:1}" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
Note, something I like about the web.config solution (if it can be modified to work for 80->LB->443) is that the redirect works for non ASP.NET pages too.请注意,我喜欢 web.config 解决方案(如果它可以修改为适用于 80->LB->443)的一点是重定向也适用于非 ASP.NET 页面。
Any ideas?有任何想法吗?
1 个解决方案
解决方案1
0 2012-12-26 19:37:23
I believe you can set up the load balancer to do the redirect from http to https.我相信您可以设置负载均衡器来执行从 http 到 https 的重定向。 Also you can set up the load balancer to send a extra HTTP header or CGI Variable that indicates secure vs non-secure.您还可以设置负载均衡器以发送额外的 HTTP 标头或 CGI 变量,以指示安全与非安全。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.