Re: Any downsides to ELB 443 running in Secure TCP mode?


James Bayer
 

the x-forwarded-proto header is pretty important for large public clouds as
most of them enable http and https that i'm aware of. in this situation,
i'm not sure how we forego the header when it's also important to allow
plain http traffic on port 80.

On Wed, Aug 19, 2015 at 10:47 PM, aaron_huber <aaron.m.huber(a)intel.com>
wrote:

With SSL instead of HTTPS you lose the X-Forwarded headers which would be
needed for the apps to know if the traffic came in as secure, which would
only be an issue if you're allowing both 80 and 443 and the apps need to be
able to tell the difference. Otherwise it would be identical as far as I'm
aware. Using HTTPS allows them to inject the headers into the protocol.


http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/using-elb-listenerconfig-quickref.html

Aaron




--
View this message in context:
http://cf-bosh.70367.x6.nabble.com/cf-bosh-Any-downsides-to-ELB-443-running-in-Secure-TCP-mode-tp590p591.html
Sent from the CF BOSH mailing list archive at Nabble.com.


--
Thank you,

James Bayer

Join cf-bosh@lists.cloudfoundry.org to automatically receive all group messages.