...
...
| Warning |
|---|
You have tried to access an archived page. Please go to the new https://root360.atlassian.net/wiki/spaces/KB to find more documents. |
...
| Table of Contents |
|---|
General information
The offloading of SSL processes (key exchange, establishment and separation of SSL connections) is a very compute-intensive process.
With a root360 standard configuration this task takes over the loadbalancer. It forwards the encrypted SSL requests (https) to the available instances.
Without SSL offloading | With SSL Offloading |
Without SSL offloading, encrypted requests are also forwarded encrypted to the instances, the described overhead also arises on the instances themselves. | If SSL offloading is enabled, encryption continues to be applied by the load balancer. However, forwarding the requests to the respective active instances is not encrypted in the secure internal network. This means that the answers can be served without the SSL overhead and can usually be answered faster. |
 |  |
use cases
SSL offload is the default for root360.
...
For rewrite rules in a .htaccess which check for https, a change must be made if SSL offloading is active. In our example, https is checked and then everything is forwarded to https (Redirect via 301) if the call was done via http.
| Code Block | ||||
|---|---|---|---|---|
| ||||
RewriteCond %{ENV:HTTPS} !=on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] |
| Code Block |
|---|
Please note that the https status is accessed via RewriteCond% { ENV: HTTPS}! = On instead of the usual RewriteCond% {HTTPS}! = On