Please Note This forum exists for community support for the Mango product family and the Radix IoT Platform. Although Radix IoT employees participate in this forum from time to time, there is no guarantee of a response to anything posted here, nor can Radix IoT, LLC guarantee the accuracy of any information expressed or conveyed. Specific project questions from customers with active support contracts are asked to send requests to support@radixiot.com.
Redirect http to https
-
Heya,
Is there a way within the Mango web server configuration to redirect http connections (say on port 8080) to https on 8443? Just curious if Mango can do the redirects instead of modifying the firewall.
Thanks
Ian -
Hi Ian,
Currently the answer seems to be no. While browsers will almost assuredly be redirected to HTTPS, it is possible for REST requests to still be sent over HTTP (I tested using token auth). You have started a discussion on the topic though!
Indeed doing the redirect at the proxy / firewall will be more complete for the moment.
-
@iperry It actually is possible, you just need to enable HSTS in the env.properties -
# Configure HSTS (HTTP Strict Transport Security) # Enabled by default when ssl.on=true # Sets the Strict-Transport-Security header, web browsers will always connect using HTTPS when they # see this header and they will cache the result for max-age seconds ssl.hsts.enabled=true ssl.hsts.maxAge=31536000 ssl.hsts.includeSubDomains=falseThis will only affect browsers, as @Puckfist says HTTP is actually still enabled and you can make REST requests over HTTP using a script for example.
Just bear in mind that the browser will remember the HSTS setting and refuse to connect to HTTP for the specified amount of time after you configure this.
