Forum

Greetings.

I have an LB that offloads SSL and forwards to Hiawatha using HTTP... I'd like to force the use of HTTPS, and I can't do that on the LB- I can accomplish it with Hiawatha using the X-Forwarded-Proto in a UrlToolkit; like this:

VirtualHost {
    Hostname = www.website.net, *.website.net
    ...
    UseToolKit = https_trampoline
}

UrlToolKit {
  ToolkitID = https_trampoline
  Header X-Forwarded-Proto https Return
  Match ^/(.*) Redirect https://www.website.net/$1
}

Question is- Is there a better, more generic way to do this? Ideally, I'd like toolkit to make it so requests to http://*.website.net/ redirect to https://*.website.net/ (as opposed to always going to https://www.website.net/ ...that would also mean I could use the same trampoline for other virtual hosts).

I've had a look around to not avail... And I can't seem to figure it out. Any advice would be appreciated.

Thanks!

Have you tried the following?

VirtualHost {
  ...
  RequireTLS = yes
}

Yep- I get an infinite redirect (ERR_TOO_MANY_REDIRECTS in chrome).

I presume RequireTLS works where Hiawatha hosts SSL/TLS... Since it's offloaded to the LB in this case, the request always appears as HTTP to Hiawatha (hence the X-Forwarded-Proto check).

In that case, the solution you showed in the first post is a good way to do this.