diff -u b/includes/bootstrap.inc b/includes/bootstrap.inc
--- b/includes/bootstrap.inc
+++ b/includes/bootstrap.inc
@@ -720,15 +720,16 @@
 // If Drupal is behind a reverse proxy or load balancer that is communicating
 // with the end-user over https but with Drupal over http we will generate a
- // broken $base_path unless we check $_SERVER['HTTP_X_FORWARDED_PROTO'] to 'on'.
+ // broken $base_url unless we check if $_SERVER['HTTP_X_FORWARDED_PROTO'] is
+ // set to 'https'.
 // Trusting these headers is a potential security risk so we only do so if
 // $conf['reverse_proxy'] has been set.
- if ($conf['reverse_proxy'] == TRUE) {
- // X-Forwarded-Proto is the most common convention for protocol information.
- if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) == 'https') {
+ if (variable_get('reverse_proxy', 0)) {
+ $reverse_proxy_proto_header = variable_get('reverse_proxy_proto_header', 'HTTP_X_FORWARDED_PROTO');
+ if (isset($_SERVER[$reverse_proxy_proto_header]) && strtolower($_SERVER[$reverse_proxy_proto_header]) == 'https') {
 $is_https = TRUE;
- // To ensure that third-party code continues working
- // They should however implement support for X-Forwarded-Proto on their own
+ // To ensure that third-party code continues working.
+ // They should however implement support for X-Forwarded-Proto themselves.
 $_SERVER['HTTPS'] = 'on';
 }
 }
only in patch2:
unchanged:
--- a/sites/default/default.settings.php
+++ b/sites/default/default.settings.php
@@ -263,6 +263,9 @@ $drupal_hash_salt = '';
 *
 * It is not allowed to have a trailing slash; Drupal will add it
 * for you.
+ *
+ * If you are using a reverse proxy as a crypto offloader, you must ensure that
+ * this variable is commented.
 */
 # $base_url = 'http://www.example.com'; // NO trailing slash!
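Review bot: The new `if (isset($_SERVER[$reverse_proxy_proto_header]) && ...` branch accepts the forwarded-protocol header from any client once `reverse_proxy` is enabled; nothing in the hunk checks that the request actually arrived from the proxy. If the web server is reachable directly, or the proxy passes the header through unchanged, `$is_https` and `$_SERVER['HTTPS']` would be set for a plain-HTTP request. Consider also gating on the proxy address list, e.g. `if (variable_get('reverse_proxy', 0) && in_array($_SERVER['REMOTE_ADDR'], variable_get('reverse_proxy_addresses', array()))) {`, assuming `reverse_proxy_addresses` is configured as it is for client-IP handling. The enclosing function starts and ends outside the hunk, so an equivalent check may already exist elsewhere.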
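Review bot: In the paragraph added to the `$base_url` docblock, "commented" can be read as "has a comment", and the reason for the requirement is not given. Suggested wording: `* If a reverse proxy terminates HTTPS for this site, leave this variable commented out so that Drupal can derive the scheme from the forwarded-protocol header.` The link to scheme detection is inferred from the bootstrap.inc comment about a broken `$base_url`.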
@@ -400,6 +403,12 @@ ini_set('session.cookie_lifetime', 2000000);
 # $conf['reverse_proxy_header'] = 'HTTP_X_CLUSTER_CLIENT_IP';
 /**
+ * Set this value if your proxy server sends the client protocol in a header
+ * other than X-Forwarded-Proto.
+ */
+# $conf['reverse_proxy_proto_header'] = 'HTTP_X_FORWARDED_PROTO';
+
+/**
 * Page caching:
 *
 * By default, Drupal sends a "Vary: Cookie" HTTP header for anonymous page
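Review bot: The new docblock for `reverse_proxy_proto_header` does not say that the header is only trustworthy when the proxy sets or overwrites it on every request. Add a sentence such as `* The proxy must overwrite this header on every request; a value passed through from the client can make Drupal treat a plain-HTTP request as HTTPS.` It would also help to state that the setting has no effect unless `$conf['reverse_proxy']` is enabled, which is the condition the bootstrap.inc hunk checks.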