Filter
Top Products
Configuring for SSL
ETV Portal Server Admin Guide 95
7. Enter the path and file name of the file that contains the response from the CA, and then
click Next.
8. Examine the certificate overview, click
Next, and then click Finish. A certificate is now
installed on the ETV Portal Server.
4. Configure ETV Resources for SSL
After installing the certificate on the ETV Portal Server, the ETV Portal Server can now be
configured for SSL. This is a two-step process (1) first you configure the Portal Server user
login page for SSL access, and (2) configure the Portal Server Admin pages for secure SSL
access. This means that when a user attempts to access the Portal Server user pages it will
automatically bring them to
https://<ipaddressofserver> for the user pages. Users will
notice a padlock icon at the bottom of their screen while logging into the Portal Server,
however the padlock will disappear once they login. When an administrator attempts to
access the Administration pages it will also force them to use
https://<ipaddressofserver>/
admin
. The padlock icon will be visible at the throughout the entire Admin site.
Securing the Portal Server User Pages
T To configure the ETV Portal Server User Pages for SSL access:
1. Go the Portal Server install location, typically
C:\Program Files\VBrick\MCS and open
web.config in a text editor.
2. Uncomment the
<configSections> settings block located at after the instructions for Web
Page Security
by deleting the <!-- and --> characters before and after the paragraph.
3. Uncomment the
<httpModules> module setting block for SecureWeb Pages by deleting
the <!-- and --> characters before and after the paragraph.
Example 1 – Uncomment configSections
A sample of a partial
web.config file is shown below with the comments removed in order to
make the user login pages secure.
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<!-- WEB PAGE SECURITY
This section will redirect any matchingpages to the HTTPS protocol for SSl
security, and, if needed, redirect any non-matching pages (or pages matching an
entry marked secure="false" to the HTTP protocol to remove the security and
encryption.
-->
<!-- Remove comments around configSections and secureWebPages to enable login page
security settings. -->
<configSections>
<section name="secureWebPages"
type="Hyper.Web.Security.SecureWebPageSectionHandler, WebPageSecurity"
allowLocation="false" />
</configSections>
<secureWebPages mode="On"
maintainPath="False"
warningBypassMode="AlwaysBypass"