Table of contents
No headersThe traditional method for creating Https-only under IIS 6.0 is to check Require secure channel (SSL) in the Secure Communications dialog accessible from the site's Directory Security tab. However, the Deki UI uses its' REST api over http to construct pages. This communication should remain over http rather than https to avoid the overhead not required for internal only communication. This means that the Deki must be reachable via port 80.
The api is also directly exposed for certain functions, such as access to attachments and images, which means we can't simply hide the API from the public and make it accessible by http to the front end only.
What is needed is API access via Https for remote requests and via Http only for local requests:
- Open your website's Properties in IIS Manager
- In the Web Site tab, click on the Advanced... button
- Double-clcik the entry in Multiple identities for this Web Site for port 80
- Set IP Address to 127.0.0.1
- Close all windows
Now you should be able to access your site both via http://localhost and https://localhost when on the server itself, but reaching it from the outside, http://yoursite.com/ will return a Status code 400 - Bad Request (Invalid Hostname).
- Was this page helpful?
- Tag page
- What links here
| Images 0 | ||
|---|---|---|
| No images to display in the gallery. |
Copyright © 2011 MindTouch, Inc. Powered by