diff --git a/serve.js b/serve.js
index bbc71b4..aaca97e 100755
--- a/serve.js
+++ b/serve.js
@@ -26,9 +26,13 @@ function showError(err, port) {
 }
 
 function createInsecureServer(port, pubdir, opts) {
-  return new PromiseA(function (resolve) {
+  return new PromiseA(function (realResolve) {
     var server = http.createServer();
 
+    function resolve() {
+      realResolve(server);
+    }
+
     server.on('error', function (err) {
       if (opts.errorInsecurePort || opts.manualInsecurePort) {
         showError(err, port);
@@ -41,9 +45,7 @@ function createInsecureServer(port, pubdir, opts) {
       return createInsecureServer(insecurePortFallback, pubdir, opts).then(resolve);
     });
 
-    server.on('request', require('redirect-https')({
-      port: opts.port
-    }));
+    server.on('request', opts.redirectApp);
 
     server.listen(port, function () {
       opts.insecurePort = port;
@@ -53,15 +55,20 @@ function createInsecureServer(port, pubdir, opts) {
 }
 
 function createServer(port, pubdir, content, opts) {
-  return new PromiseA(function (resolve) {
+  return new PromiseA(function (realResolve) {
     var server = https.createServer(opts.httpsOptions);
     var app = require('./app');
 
     var directive = { public: pubdir, content: content, livereload: opts.livereload
       , servername: opts.servername, expressApp: opts.expressApp };
-    var redirectApp = require('redirect-https')({
-      port: port
-    });
+    var insecureServer;
+
+    function resolve() {
+      realResolve({
+        plainServer: insecureServer
+      , server: server
+      });
+    }
 
     server.on('error', function (err) {
       if (opts.errorPort || opts.manualPort) {
@@ -77,6 +84,7 @@ function createServer(port, pubdir, content, opts) {
 
     server.listen(port, function () {
       opts.port = port;
+      opts.redirectOptions.port = port;
 
       if (opts.livereload) {
         opts.lrPort = opts.lrPort || lrPort;
@@ -93,7 +101,10 @@ function createServer(port, pubdir, content, opts) {
       }
 
       if ('false' !== opts.insecurePort && httpPort !== opts.insecurePort) {
-        return createInsecureServer(opts.insecurePort, pubdir, opts).then(resolve);
+        return createInsecureServer(opts.insecurePort, pubdir, opts).then(function (_server) {
+          insecureServer = _server;
+          resolve();
+        });
       } else {
         opts.insecurePort = opts.port;
         resolve();
@@ -108,7 +119,7 @@ function createServer(port, pubdir, content, opts) {
 
     server.on('request', function (req, res) {
       if (!req.socket.encrypted) {
-        redirectApp(req, res);
+        opts.redirectApp(req, res);
         return;
       }
 
@@ -246,6 +257,12 @@ function run() {
     opts.expressApp = require(path.resolve(process.cwd(), argv['express-app']));
   }
 
+  // can be changed to tunnel external port
+  opts.redirectOptions = {
+    port: opts.port
+  };
+  opts.redirectApp = require('redirect-https')(opts.redirectOptions);
+
   return createServer(port, pubdir, content, opts).then(function () {
     var msg;
     var p;