the standard way to do this is to terminate SSL at a load balancer, which
then forwards to the CF routing tier. the hop between the load balancer and
the cf router may be done with SSL. the network path from gorouter to the
DEA / Diego Cell backend is only supported with http today. the gorouter
must be able to inspect the request to see the http host header and cookies
(to evaluate session stickiness) to know which app the request is intended
for.

the TCP router which is coming soon and available to preview with lattice.cf
would open up the opportunity to use a random port to identify the app,
which could then pass through to the the backend that had a secure listen
port.

On Wed, Sep 9, 2015 at 1:45 AM, Juan Antonio Breña Moral <
bren(a)juanantonio.info> wrote:

Hi James,

Yes, you have reason, I returned to test:

https://nodejsssl.MY_IP.xip.io/

and I see the sreeen where Chrome advise the user about a
NET::ERR_CERT_AUTHORITY_INVALID so, the node application is running:


https://raw.githubusercontent.com/jabrena/CloudFoundryLab/master/Node_HelloWorld_ssl/docs/firstScreen.png

but if you click to continue, I receive this message:

404 Not Found: Requested route ('nodejsssl.MY_IP.xip.io') does not exist.

My question is CF could fix this issue to deploy applications which it
runs with https protocol.

Juan Antonio

--
Thank you,

James Bayer