Skip to content
This repository has been archived by the owner. It is now read-only.

Disable SSL for load balancing and proxy server scenarios

Brock Allen edited this page Oct 22, 2013 · 1 revision

By default, IdentityServer requires SSL (for obvious reasons). But there are scenarios where IdentityServer might be deployed behind a load balancer or proxy server. In those situations it might be desirable to disable the SSL requirement in IdentityServer. This scenario is supported with some configuration (the configuration of your load balancer or proxy server is beyond the scope of this documentation). It is assumed that SSL is being provided by the load balander or proxy server.

Within IdentityServer on the General Configuration page, there are two settings related to disabling SSL. The first is a "Disable SSL" checkbox -- this removes any SSL check on incoming HTTP requests. The second configuration is "Public Host Name" and this is needed to indicate the HTTP host name being used of the public facing load balancer or proxy server. This setting is used anytime IdentityServer needs to create an absolute URL that references an endpoint within IdentityServer.

Once either of these settings have been changed, an application recycle within IdentityServer is necessary.