Re: Any downsides to ELB 443 running in Secure TCP mode?

Home Messages Hashtags Subgroups

James Bayer #645 the x-forwarded-proto header is pretty important for large public clouds as most of them enable http and https that i'm aware of. in this situation, i'm not sure how we forego the header when it's also important to allow plain http traffic on port 80. On Wed, Aug 19, 2015 at 10:47 PM, aaron_huber <aaron.m.huber(a)intel.com> wrote: With SSL instead of HTTPS you lose the X-Forwarded headers which would be needed for the apps to know if the traffic came in as secure, which would only be an issue if you're allowing both 80 and 443 and the apps need to be able to tell the difference. Otherwise it would be identical as far as I'm aware. Using HTTPS allows them to inject the headers into the protocol. http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/using-elb-listenerconfig-quickref.html Aaron -- View this message in context: http://cf-bosh.70367.x6.nabble.com/cf-bosh-Any-downsides-to-ELB-443-running-in-Secure-TCP-mode-tp590p591.html Sent from the CF BOSH mailing list archive at Nabble.com. -- Thank you, James Bayer attachment.html
More All Messages By This Member

Join {cf-bosh@lists.cloudfoundry.org to automatically receive all group messages.