SSL Lockdown

Setup Worker Node for SSL

Log in to the Web Portal as an administrator and select System Info at the top. You can then click Worker Node Count to view Advanced Settings for the Cluster.

System Info

Worker Node Advanced Settings

Now select "Always force SSL on Login" and "Always force SSL for Native Clients" checkboxes.

If you are using the self-signed SSL certificate, the web portal is the only client that allows you to log in after some SSL certificate warning. All other native clients, such as Windows, mobile, and Mac clients, reject the connection.

If you have a load balancer in the front of the triofox server and offload SSL to the load balancer. You will not need to check the 'Always force SSL' checkbox. Otherwise, the connection may fail because SSL is already offloaded to the load balancer.


You can also change the properties of the node.

Worker Node Count

The Node Name needs to match the hostname of the node.

server certificates

The External URL shall match the external URL for HTTPS. (If you do not have SSL certificate installed yet, this can be HTTP for now).

The Internal URL will need to match the internal IP address or node’s private DNS name and the HTTP or HTTPS protocol.

Fully Qualified Domain NameVerify URL