Securing cookie for CMS over Load Balancer


Hi guys,

I would like to say Hi for everyone cos it is my forst post on that forum. :)

I have an issue with securing cookie fro CMS admin area. I've used


parameter on forms authorization section in web.config. I've also added SSL cert to load balancer and IIS server to have both connections secured.

Due to some needs by other parts of the solution i Have I've also added an URL rewrite rule as follows 


The thing is that i cannot login to CMS area, and I have internal server error 500.

Besides that in epi logs i have this exception:

2018-10-03 09:09:47,849 ERROR /Util/login.aspx EPiServer.Global: 1.2.5 Unhandled exception in ASP.NET
System.Web.HttpUnhandledException (0x80004005): Exception of type 'System.Web.HttpUnhandledException' was thrown. ---> System.Web.HttpException (0x80004005): The application is configured to issue secure cookies. These cookies require the browser to issue the request over SSL (https protocol). However, the current request is not over SSL.
   at System.Web.Security.FormsAuthentication.SetAuthCookie(String userName, Boolean createPersistentCookie, String strCookiePath)

Could you help me with solving that please?

Edited, Oct 03, 2018 9:31

It seems that the load balancer only sends HTTP requests (not HTTPS) to servers in that load balancing. And there isn't any https binding for the site on IISs.

In our case, Force Https is configured on the load balancer.

Hope that help.

Oct 04, 2018 4:47
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.