PREREQUISITES: SSL offloading sends the process of encoding and decoding SSL requests to a separate device. Therefore, you must have an additional SSL offloading device that is specifically designed to perform SSL acceleration and termination.
SSL offloading moves SSL encoding and decoding functions away from busy webservers to specialized devices that are better equipped to handle CPU-intensive SSL calculations.
This allows the webservers to dedicate important CPU resources to other application processing tasks, which can improve performance.
We recommend to use SSL offloading, only in case you have a lot of HTTPS requests. If your servers are not busy, there is no point to offload them.
NOTE: If you are using Network Load Balancing, the load balancer can perform this function. For more information, see Load balancing.
The following chart illustrates a setup with an SSL offloader:
Configure Sitefinity CMS to know that SSL requests will be offloaded:
IMPORTANT: Your SSL offloading device must be set with the same HTTP header field name and HTTP value as the ones that you have entered in Sitefinity CMS. When the traffic must be encrypted between the reverse proxy and the client, before rerouting, the SSL offloading device must remove or replace any headers with above field name. Otherwise, a client can imitate the header field name and value with the malicious intent to present encrypted traffic as nonencrypted.
Back To Top