Home / server / Questions / 116322
Accepted
snk
Asked: 2010-02-25 09:13:20 +0800 CST

How do I force an iCal server to only allow SSL connections?

  • 772

I have an OS X 10.6 Server running the iCal service. When users on machines that are bound to Open Directory open their iCal client, it automatically configures their connections to the iCal server at port 8008, even if the user has already manually added their calendar with SSL at port 8443, which results in the user having duplicate calendars.

Is there a way to turn off iCal access for non-SSL connections, or at least the automatic configuration of clients in the Open Directory domain?

mac-osx ssl opendirectory osx-snow-leopard ical

2 Answers

  1. Best Answer

    Tried to set SSL to "redirect" into the iCal service's admin tool?

    iCal server admin's Authentication tab

    This will result in a plain connection being redirected to the SSL one:

    bash-3.2# telnet mac-server.dear.lan 8008
Trying 192.168.1.250...
Connected to mac1.dear.lan.
Escape character is '^]'.
GET /
<html><head><title>Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>Document moved to https://mac1.dear.lan:8443/.</p></body></html>Connection closed by foreign host.
bash-3.2#

    Otherwise simply open only iCal SSL on the Firewall Admin interface, and leave iCal settings untouched (allowing SSL without redirections).

    This way I bet the automatic config would not set it to a closed port (8008).

    • 1

  2. The SSL: Redirect option seems to break the calendar access via the web-server. With that selected an error pops up on the calendar webpage saying access does not work - though the clients seem to be connecting just fine through iCal.app

    • 0