Disable TCP and HTTP listeners and only use Secure TCP


I’ve been setting up an EventStore sandbox as 3-node cluster on a single server - I’ve made some good progress and it all appears to works fine, including getting SSL working via the “-Certificate*” command line arguments. However, I’m not quite sure how to disable the non-SSL TCP and HTTP ports. It seems that once you’ve enabled external communication via “-ExtIp”, there’s no specific way to control which protocols are available.

Is there a way within EventStore to only allow communication on the “-ExtSecureTcpPort” for clients, or do I need to rely on firewall rules to block the “-ExtTcpPort” and “-ExtHttpPort”?



As of now firewall rules but can you add a ticket? We have discussed
this in the past and its a useful feature.

Issue can be tracked here