Is there a way or trick to force a stand-alone web app to use only the secured port assigned during execution?
yeah. Start with --maxPorts=0.
Thanks Brad, I’ll give it a try.
Hmmm… doesn’t seem to be working. I’m running it on linux. I’ve tried the following:
./myApp --secure-port=443 --maxPort=0
./myApp --maxPort=0
both result in the same thing… normal site on my domain, secure on https:// + my domain. Using a wildcard SSL, not that it should be affecting this.
–maxPorts plural. Also, set port=3200 or something for completeness. And it’s securePort=443. You may need to be root to do that.
Sorry, those were typos while editing the forum message… I am using:
./myApp --securePort=443 --maxPorts=0
Before I set the port to 80 for standard connections, but changed to 3200 as suggested. Still, when I go to http://mydomain it doesn’t force https://mydomain. I’ve even tried:
./myApp --securePort=80 --maxPorts=0
Then, nothing loaded with a ‘connection was reset’ error… which is as expected, since 80 is used for standard http.
Shouldn’t your technique cause the http:// to redirect to https://?
If you tell the app not to allocate any ports for non-secure connections, http:// won’t work at all. What you can do is detect whether a connection is secure in Session.Open and switch there. A second session will be opened for the user (and the first will eventually die off).
Hmmm… that’s what I originally did, but in FireFox I’m getting an exclamation notification where the padlock is supposed to be with the following notice:
‘This website does not supply identity information’.
Works like a champ in IE11. Argh!
Alright, well…
Do any of you two know what would cause the SSL intermediate CA to load in IE11, but fail in Firefox? When I view the certificate in Firefox, the certificate hierarchy just shows:
*.mydomain.com
When I do the same in IE11… it shows all three properly:
GlobalSign
AlphaSSL CA - SHA256 - G2
*.mydomain.com