--- a/rust/hedgewars-server/src/protocol/messages.rs	Thu Apr 25 19:58:52 2019 +0200
+++ b/rust/hedgewars-server/src/protocol/messages.rs	Thu Apr 25 21:32:22 2019 +0300
@@ -109,6 +109,9 @@
 
 #[derive(Debug)]
 pub enum HWServerMessage {
+    Connected(u32),
+    Redirect(u16),
+
     Ping,
     Pong,
     Bye(String),
@@ -146,7 +149,6 @@
     Notice(String),
     Warning(String),
     Error(String),
-    Connected(u32),
     Unreachable,
 
     //Deprecated messages
@@ -362,6 +364,7 @@
                 "Hedgewars server https://www.hedgewars.org/",
                 protocol_version
             ],
+            Redirect(port) => msg!["REDIRECT", port],
             Bye(msg) => msg!["BYE", msg],
             Nick(nick) => msg!["NICK", nick],
             Proto(proto) => msg!["PROTO", proto],

--- a/rust/hedgewars-server/src/server/network.rs	Thu Apr 25 19:58:52 2019 +0200
+++ b/rust/hedgewars-server/src/server/network.rs	Thu Apr 25 21:32:22 2019 +0300
@@ -26,6 +26,7 @@
 #[cfg(feature = "official-server")]
 use super::io::{IOThread, RequestId};
 
+use crate::protocol::messages::HWServerMessage::Redirect;
 use crate::server::handlers::{IoResult, IoTask};
 #[cfg(feature = "tls-connections")]
 use openssl::{
@@ -335,29 +336,10 @@
 }
 
 impl NetworkLayer {
-    #[cfg(feature = "tls-connections")]
-    fn create_ssl_context(listener: TcpListener) -> ServerSsl {
-        let mut builder = SslContextBuilder::new(SslMethod::tls()).unwrap();
-        builder.set_verify(SslVerifyMode::NONE);
-        builder.set_read_ahead(true);
-        builder
-            .set_certificate_file("ssl/cert.pem", SslFiletype::PEM)
-            .unwrap();
-        builder
-            .set_private_key_file("ssl/key.pem", SslFiletype::PEM)
-            .unwrap();
-        builder.set_options(SslOptions::NO_COMPRESSION);
-        builder.set_cipher_list("DEFAULT:!LOW:!RC4:!EXP").unwrap();
-        ServerSsl {
-            listener,
-            context: builder.build(),
-        }
-    }
-
     pub fn register(&self, poll: &Poll) -> io::Result<()> {
         register_read(poll, &self.listener, utils::SERVER_TOKEN)?;
         #[cfg(feature = "tls-connections")]
-        register_read(poll, &self.listener, utils::SECURE_SERVER_TOKEN)?;
+        register_read(poll, &self.ssl.listener, utils::SECURE_SERVER_TOKEN)?;
         register_read(poll, &self.timer, utils::TIMER_TOKEN)?;
 
         #[cfg(feature = "official-server")]
@@ -497,6 +479,15 @@
         }
     }
 
+    fn init_client(&mut self, poll: &Poll, client_id: ClientId) {
+        let mut response = handlers::Response::new(client_id);
+        #[cfg(feature = "tls-connections")]
+        response.add(Redirect(self.ssl.listener.local_addr().unwrap().port()).send_self());
+
+        handlers::handle_client_accept(&mut self.server, client_id, &mut response);
+        self.handle_response(response, poll);
+    }
+
     pub fn accept_client(&mut self, poll: &Poll, server_token: mio::Token) -> io::Result<()> {
         let (client_socket, addr) = self.listener.accept()?;
         info!("Connected: {}", addr);
@@ -505,9 +496,7 @@
             utils::SERVER_TOKEN => {
                 let client_id =
                     self.register_client(poll, self.create_client_socket(client_socket)?, addr);
-                let mut response = handlers::Response::new(client_id);
-                handlers::handle_client_accept(&mut self.server, client_id, &mut response);
-                self.handle_response(response, poll);
+                self.init_client(poll, client_id);
             }
             #[cfg(feature = "tls-connections")]
             utils::SECURE_SERVER_TOKEN => {
@@ -563,11 +552,7 @@
                     }
                     NetworkClientState::Closed => self.client_error(&poll, client_id)?,
                     #[cfg(feature = "tls-connections")]
-                    NetworkClientState::Connected => {
-                        let mut response = handlers::Response::new(client_id);
-                        handlers::handle_client_accept(&mut self.server, client_id, &mut response);
-                        self.handle_response(response, poll);
-                    }
+                    NetworkClientState::Connected => self.init_client(poll, client_id),
                     _ => {}
                 };
             }
@@ -668,6 +653,25 @@
         }
     }
 
+    #[cfg(feature = "tls-connections")]
+    fn create_ssl_context(listener: TcpListener) -> ServerSsl {
+        let mut builder = SslContextBuilder::new(SslMethod::tls()).unwrap();
+        builder.set_verify(SslVerifyMode::NONE);
+        builder.set_read_ahead(true);
+        builder
+            .set_certificate_file("ssl/cert.pem", SslFiletype::PEM)
+            .expect("Cannot find certificate file");
+        builder
+            .set_private_key_file("ssl/key.pem", SslFiletype::PEM)
+            .expect("Cannot find private key file");
+        builder.set_options(SslOptions::NO_COMPRESSION);
+        builder.set_cipher_list("DEFAULT:!LOW:!RC4:!EXP").unwrap();
+        ServerSsl {
+            listener,
+            context: builder.build(),
+        }
+    }
+
     pub fn build(self) -> NetworkLayer {
         let server = HWServer::new(self.clients_capacity, self.rooms_capacity);
         let clients = Slab::with_capacity(self.clients_capacity);
@@ -682,7 +686,7 @@
             pending,
             pending_cache,
             #[cfg(feature = "tls-connections")]
-            ssl: NetworkLayer::create_ssl_context(
+            ssl: Self::create_ssl_context(
                 self.secure_listener.expect("No secure listener provided"),
             ),
             #[cfg(feature = "official-server")]