I recently encountered an issue in our ASP.NET WebAPI application, which sits behind a load balancer that does SSL termination [http://en.wikipedia.org/wiki/SSL_termination_proxy]. The load balancer gets a HTTPS request, decrypts it, unwraps the original HTTP request and forwards that to the application servers,