Is it possible to force SSL?

[tjharman]

I have a single port listening on my Icecast server. I have SSL certificates defined and I can connect to the port using SSL just fine. The problem is, I can also connect to the port using HTTP just fine.

The content of one of my streams I'd really rather MUST use SSL. Is there a way to force this? Even setting 1 doesn't seem to stop plain http from being allowed.

Thanks, Tim

Edit: Should clarify on latest kh9

[mooseh]

redirect wise i dont think so, but you could just choose not to bind on port 80?

[tjharman]

Sorry, I wasn't clear.

My Icecast server is listening only on port 5001.

http://myserver.com:5001/ works fine So does https://myserver.com:5001/

Icecast release notes for kh5 state that "autodetect SSL connections on incoming sockets. No need for in listen-socket now but is still there for compatability."

This is a great feature I can imagine for a lot of people, but I actually want to hard force ssl and setting ssl 1 doesn't seem to do this, it still accepts insecure connections too.

[mooseh]

I dont know if something like this will work, icecast isn't really designed to do fancy redirects, you should really use apache/nginx for that, its purely a media streaming server.

here is how you redirect but i dont know how you make it port specific so this could cause a redirect infinite loop possibly.

  <mount>
    <mount-name>/*.mp3</mount-name>
    <redirect>http://localhost:443</redirect>
  </mount>