Also, the machine is acting as a Secure Gateway for Citrix - so I don't want
to tamper a lot on a (for the rest) working config...
I just want to avoid the obligation to let my users type 'https' :-)

The problem is that 'https' doesn't just specify the port, it also
tells the browser whether it needs to negotiate SSL/TLS or not.  If a
browser is pointed at http://something, it's not going to expect the
SSL negotiation and your user will see garbage.  The proper way to do
this is to have a minimal service running on port 80 providing 302's
for every request to https://<request>.  This is trivial to do in
Apache, and I'd be surprised if it wasn't trivial in IIS.


RB

Oh okay, I thought an Internet Explorer or any other browser would see what the server is posting, if I'd redirected port 80 to 443. I know I can something to IIS, or Apache... and I am using IIS in first instance to serve the https part... but I just didn't want to have to... as I don't really like port 80 at all on an IIS server...

But if there is no other way, I'll put up a box with Apache instead to forward to the https part of IIS...

thanks for you guys responses ;-)


---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org

Reply via email to