SSL Offloading vs WEBCON BPS Portal

Applies to version 2020.1.3; author: Tomasz Słuszniak
Updated: 23.02.2026; author: Tomasz Słuszniak, Tomasz Błach

SSL Offloading (SSL Termination) is the process that allows you to transfer the encryption and decryption of the SSL connection through Reverse Proxy Server that is located “in front of” the application server. It is mainly used to relieve Web Server from performing these costly operations for the processor.

Attention: Starting from WEBCON 2026, the recommended approach is to configure the reverse proxy in accordance with the ASP.NET Core documentation, as the option to use additional configuration parameters that enforce HTTPS (such as ForceHttpsOnProxy) has been removed from the Portal. You can read about this configuration in the following article.

In earlier versions of WEBCON, enabling proper SSL Offloading required adding an additional parameter to the Portal configuration file.  

You can find this file in the standard location - „C:Program Files (x86)WEBCONWEBCON BPS Portal” or through IIS by selecting Server -> Sites -> WEBCONBPS -> Explore.

Open the “appsettings.user.json” configuration file and add the following parameter:

"ForceHttpsOnProxy": true,

After that, restart the IIS “WEBCONBPS” Web application.

In IIS there is no need to add binding for port 443 and assigning an SSL certificate. The binding for port 80 is enough because the communication between WEBCON BPS Portal hosting Web Server and Reverse Proxy Server takes place through the unencrypted http protocol.

The last important thing is to configure the WEBCON BPS Portal address - this address should be configured to use the https protocol.

The address can be changed by using the “Tools for application management” section in the WEBCON BPS installer. In the “Portal address configuration” tab, enter the appropriate instance address.

Save the configuration and restart the WEBCON BPS WorkFlow Service and “WEBCONBPS” IIS Web application.