We help IT Professionals succeed at work.
Get Started

.NET Core 3.1 SSL offloading issue.

93 Views
Last Modified: 2020-01-15
Hello Experts!
I have gotten an issue dumped in my lap. I am a SysAdmin by trade and enjoy my craft, not developing and here is just why:

We offload our SSL to a HA pair of Load Balancer. That works fine. Traffic comes in HTTPS, gets converted to HTTP and ships it along to the server (Server 2012 R2).
So here is where things get messy:
This application is built with .NET Core 3.1. On the server, going HTTPS to the site everything runs without issue (it requires a login). Going HTTP to the site it just boots you back out to the login screen, no error no warning, just login over and over. The Dev claims it to be a security feature to ensure traffic is secure (which I understand) and per the Dev cannot be turned off (core doesn't allow it to be off, which I don't understand).
Going through the Load Balancer yields the same result as HTTP on the server (makes sense as it is being delivered there as HTTP).

Here where the assistance is needed.
In the Load Balancer we header tag the following:
HTTP_FRONT_END_HTTPS               On
HTTP_X_FORWARDED_PROTO       https
HTTP_X_FORWARDED_FOR       (client IP)

The headers get modified, I requested that a full header site be placed there for viewing, and they are being tagged.
Not sure why Forwarded_For needs to be there but here we are.

This should allow .NET Core 3.1 to see the load as HTTP, but alas it does not. I think it is an app problem, but here we are with it now being my issue.

Thank you as always for any assistance that can be provided.
Comment
Watch Question
Chief Technology Ninja
CERTIFIED EXPERT
Distinguished Expert 2020
Commented:
This problem has been solved!
Unlock 1 Answer and 6 Comments.
See Answer
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE