What is SSL Offloading?
The offloading of SSL processes (key exchange, establishment and separation of SSL connections) is a very compute-intensive process. With a root360 standard configuration this task takes over the loadbalancer. It forwards the encrypted SSL requests (https) to the available instances.
The offloading of SSL processes (key exchange, establishment and separation of SSL connections) is a very compute-intensive process.
With a root360 standard configuration this task takes over the AWS loadbalancer. It forwards the encrypted SSL requests (https) to the available instances.
Without SSL Offloading | With SSL Offloading |
Without SSL offloading, encrypted requests are also forwarded encrypted to the instances, the described overhead also arises on the instances themselves. | If SSL offloading is enabled, encryption continues to be applied by the load balancer. However, forwarding the requests to the respective active instances is not encrypted in the secure internal network. This means that the answers can be served without the SSL overhead and can usually be answered faster. |
| 
|
Dealing with SSL offloading
PHP
Compared to PHP applications, SSL offloading is transparent. This means , it is recognizable by the usual methods, whether a call was encrypted by the user (via https).
.htaccess
For rewrite rules in a .htaccess which check for https, a change must be made if SSL offloading is active. In our example, https is checked and then everything is forwarded to https (Redirect via 301) if the call was done via http.
RewriteCond %{ENV:HTTPS} !=on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]Please note that the https status is accessed via RewriteCond% { ENV: HTTPS}! = On instead of the usual RewriteCond% {HTTPS}! = On
Related tutorials
Related components
root360 Knowledge Base - This portal is hosted by Atlassian (atlassian.com | Privacy Policy)