SSL Lockdown

Setup Worker Node for SSL

Login to the Web Portal as the administrator and select System Info at the top. You can then click on Worker Node Count to see Advanced Settings for the Cluster.

System Info

Worker Node Advanced Settings

Now, check "Always force SSL on Login" and "Always force SSL for Native Clients" boxes.

If you use the self-signed SSL certificate, the web portal is the only client that allows you to login after some SSL certificate warning. All other native clients such as Windows, mobile, and Mac clients will reject the connection.

If you have a load balancer in the front of the triofox server and offload SSL to the load balancer. You will not need to check the 'Always force SSL' checkbox. Otherwise the connection may fail because the SSL is already offloaded to the load balancer.


You can also modify the properties for the node.

Worker Node Count

The Node Name needs to match the hostname of the node.

server certificates

The External URL shall match the external URL for HTTPS. (If you do not have SSL certificate installed yet, this can be HTTP for now).

The Internal URL will need to match the internal IP address or node’s private DNS name and the HTTP or HTTPS protocol.

Fully Qualified Domain NameVerify URL