diff --git a/lib/api/apiUtils/authorization/permissionChecks.js b/lib/api/apiUtils/authorization/permissionChecks.js
index 170488b44b..33e029c5c4 100644
--- a/lib/api/apiUtils/authorization/permissionChecks.js
+++ b/lib/api/apiUtils/authorization/permissionChecks.js
@@ -247,10 +247,14 @@ function _checkBucketPolicyConditions(request, conditions, log) {
     if (!conditions) {
         return true;
     }
+    const extractProtoFromHeader = config.requests.extractProtoFromHeader;
+
+    const sslEnabled = (extractProtoFromHeader ?
+        extractProtoFromHeader === 'https' : request.connection.encrypted);
     // build request context from the request!
     const requestContext = new RequestContext(request.headers, request.query,
         request.bucketName, request.objectKey, ip,
-        request.connection.encrypted, request.resourceType, 's3', null, null,
+        sslEnabled, request.resourceType, 's3', null, null,
         null, null, null, null, null, null, null, null, null,
         request.objectLockRetentionDays);
     return evaluators.meetConditions(requestContext, conditions, log);