Configuring for SSL

7.Enter the path and file name of the file that contains the response from the CA, and then click Next.

8.Examine the certificate overview, click Next, and then click Finish. A certificate is now installed on the ETV Portal Server.

4. Configure ETV Resources for SSL

After installing the certificate on the ETV Portal Server, the ETV Portal Server can now be configured for SSL. This is a two-step process (1) first you configure the Portal Server user login page for SSL access, and (2) configure the Portal Server Admin pages for secure SSL access. This means that when a user attempts to access the Portal Server user pages it will automatically bring them to https://<ipaddressofserver> for the user pages. Users will notice a padlock icon at the bottom of their screen while logging into the Portal Server, however the padlock will disappear once they login. When an administrator attempts to access the Administration pages it will also force them to use https://<ipaddressofserver>/ admin. The padlock icon will be visible at the throughout the entire Admin site.

Securing the Portal Server User Pages

TTo configure the ETV Portal Server User Pages for SSL access:

1.Go the Portal Server install location, typically C:\Program Files\VBrick\MCS and open web.config in a text editor.

2.Uncomment the <configSections> settings block located at after the instructions for Web Page Security by deleting the <!--and -->characters before and after the paragraph.

3.Uncomment the <httpModules> module setting block for SecureWeb Pages by deleting the <!--and -->characters before and after the paragraph.

Example 1 – Uncomment configSections

A sample of a partial web.config file is shown below with the comments removed in order to make the user login pages secure.

<?xml version="1.0" encoding="utf-8" ?> <configuration>

<!-- WEB PAGE SECURITY

This section will redirect any matchingpages to the HTTPS protocol for SSl security, and, if needed, redirect any non-matching pages (or pages matching an entry marked secure="false" to the HTTP protocol to remove the security and encryption.

-->

<!-- Remove comments around configSections and secureWebPages to enable login page security settings. -->

<configSections>

<section name="secureWebPages" type="Hyper.Web.Security.SecureWebPageSectionHandler, WebPageSecurity" allowLocation="false" />

</configSections>

<secureWebPages mode="On" maintainPath="False" warningBypassMode="AlwaysBypass"

ETV Portal Server Admin Guide

95

Page 104 Page 106
Page 105
Image 105
VBrick Systems ETV v4.1 manual Configure ETV Resources for SSL, Securing the Portal Server User Pages
Page 104 Page 106
Top Page Image Contents