$quoted_author = "Christian Pascher" ;
>
> If I would activate
> RequestHeader set Front-End-Https "On"
> I need all the SSL config stuff also at the back end servers?
No. That setting just let's Apache know that, even though it is seeing http
connections, the client is seeing https with the SSL
So if I only want that people can access http://example.com and
https://example.com and all the subpages I don't need it? (I don't have
any redirect statement in my configs)
If I would activate
RequestHeader set Front-End-Https "On"
I need all the SSL config stuff also at the back end servers?
The back end is only speaking http, but if it were to generate e.g. a
redirect it would need to redirect to https://something instead of
http://something . The 'https?' header preserves that information.
Is this necessary? I would also have to configure HTTPS also on the back
end servers, if I use this?
I thought, the web browser already uses a secure connection to the load
balancer, so i don't need HTTPS at the back end.
Am 2011-03-08 22:50, schrieb Daniel Holth:
The header allows a properly c
The header allows a properly configured back end to generate https:// URLs
instead of http:// URLs when it is being accessed securely.
Hi,
I have a Apache Webserver with 2 Apache Backend-Servers.
It is possible to access webpages over HTTPS (configured on the
loadbalancer).
It all works very well but yesterday I read something about changing the
HTTP-Header:
RequestHeader set Front-End-Https "On"
Do I need this?
Regards,
