Using Meteor's force-ssl package leads to a redirect loop. We can work around this by moving the functionality down to web.config but considering the widespread usage of force-ssl, it makes sense to at least warn users in the docs.
EDIT: It is also worth mentioning that Meteor uses a flag set by the force-ssl package to change the ROOT_URL protocol to 'https' and so with the approach above we need to specify this ourselves (Hence my comment regarding #14).
Using Meteor's force-ssl package leads to a redirect loop. We can work around this by moving the functionality down to web.config but considering the widespread usage of force-ssl, it makes sense to at least warn users in the docs.
EDIT: It is also worth mentioning that Meteor uses a flag set by the force-ssl package to change the ROOT_URL protocol to 'https' and so with the approach above we need to specify this ourselves (Hence my comment regarding #14).