Force stand-alone to use SSL

Is there a way or trick to force a stand-alone web app to use only the secured port assigned during execution?

yeah. Start with --maxPorts=0.

Thanks Brad, I’ll give it a try.

Hmmm… doesn’t seem to be working. I’m running it on linux. I’ve tried the following:

./myApp --secure-port=443 --maxPort=0
./myApp --maxPort=0

both result in the same thing… normal site on my domain, secure on https:// + my domain. Using a wildcard SSL, not that it should be affecting this.

–maxPorts plural. Also, set port=3200 or something for completeness. And it’s securePort=443. You may need to be root to do that.

Sorry, those were typos while editing the forum message… I am using:

./myApp --securePort=443 --maxPorts=0

Before I set the port to 80 for standard connections, but changed to 3200 as suggested. Still, when I go to http://mydomain it doesn’t force https://mydomain. I’ve even tried:

./myApp --securePort=80 --maxPorts=0

Then, nothing loaded with a ‘connection was reset’ error… which is as expected, since 80 is used for standard http.

Shouldn’t your technique cause the http:// to redirect to https://?

If you tell the app not to allocate any ports for non-secure connections, http:// won’t work at all. What you can do is detect whether a connection is secure in Session.Open and switch there. A second session will be opened for the user (and the first will eventually die off).

Hmmm… that’s what I originally did, but in FireFox I’m getting an exclamation notification where the padlock is supposed to be with the following notice:

‘This website does not supply identity information’.

Works like a champ in IE11. Argh!

Alright, well…

Do any of you two know what would cause the SSL intermediate CA to load in IE11, but fail in Firefox? When I view the certificate in Firefox, the certificate hierarchy just shows:


When I do the same in IE11… it shows all three properly:

AlphaSSL CA - SHA256 - G2