Knowledge Base
      Back to home
      1. Help Center
      2. DC Project Suite
      3. Knowledge Base

      Configuring Discovery Center to use the HTTPS Protocol

      This article will discuss how to setup Discovery Center so that it uses the HTTPS protocol for the website and web services. This should be done during the initial installation, though you can migrate to HTTPS with some slight modifications to the overall process.

       

      Preparing a Secure Site

      Choice of SSL Certificate

      An HTTPS-based site requires an SSL certificate that enables a browser to validate the site when negotiating a secure connection. Follow the procedures set out by your organization to obtain a certificate and complete the configuration of a secure site for use by the Discovery Center installation.

      When setting up a secure site, IIS allows self-signed certificates. Self-signed certificates do not include the signature of a trusted certificate authority; further, the following factors will affect the use of such a certificate by Discovery Center:

      • A self-signed certificate must be added to the Trusted Root Certification Authorities folder in the certificate store for the local machine account
      • End users will see a security warning when accessing the secure site with a web browser. The warning will require confirmation that they are prepared to access a site with an untrusted certificate. It is possible to install the certificate as a trusted certificate on end-users’ systems to avoid these warnings, or users may add a security exception to their browser configuration.

      Preparing an SSL Certificate

      To prepare an SSL certificate for use with IIS, follow these steps:

      1. Open IIS Manager.
      2. Select the server name in the hierarchy in the left-hand pane.
      3. In the right-hand pane, locate and open the Server Certificates module.
      4. If you are using a trusted certificate from a 3rd party, choose, the "Import…" option to add the certificate.
      5. If creating a self-signed certificate, choose the Create Self-Signed Certificate option:
        • Enter a name for the certificate.
        • If offered a choice of certificate store, select Web Hosting.

      Preparing a Secure Site

      Follow these steps to configure the secure site to receive the Discovery Center installation.

      1. Open IIS Manager. Right-click the Sites node and choose Add Web Site.
      2. Enter a name for the site and specify the location where the web application files should be installed.
      3. Select HTTPS as the binding type.
      4. Specify the hostname for the site. This should match the hostname set for the SSL certificate.
      5. From the drop down list select the SSL certificate configured in the previous stage.
      6. Select OK to create the web site.

      mceclip0 (12)

      Once created, check access to the empty website. If using a self-signed certificate, a security warning will require a browser exception to be added. If the site creation is successful, and the certificate is correctly applied, a warning will be displayed with the text "The Web server is configured to not list the contents of this directory".

      Installing Discovery Center to an Existing Secure Site

      Proceed through the standard installation following the steps outlined in the Discovery Center Installation Guide. At the Web site settings dialog, choose the "Select existing site" option.
      On the following page, configure the Web Application service account and select the secure web site from the "Select Web Site" drop-down list.


      mceclip1 (9)
      Proceed through the remaining standard installation process. Upon completing the installation, ensure that end-users are able to successfully access Discovery Center using the secure website address, and that Discovery Center Workbench can be used to interact with the Discovery Center web services with no errors.

      Migrating an Existing Installation to HTTPS

      While the Discovery Center installation package supports direct installation to a web application configured for HTTPS, this is not possible where a legacy manual configuration has been used to create an HTTPS configuration, or when migrating an existing installation to HTTPS.

      In such cases, you can migrate Discovery Center to HTTPS as follows:

      1. Backup the Discovery Center Database.
      2. From the Discovery Center host server, open Control Panel > Programs and Features.
      3. Locate and right-click the Discovery Center installation entry and select 'Change'.
      4. When the Discovery Center installation wizard opens, choose 'Remove'.
      5. Uncheck 'Remove Database within uninstall'.
      6. Complete the uninstall process.
      7. Perform a new installation specifying the existing database and secure website at the appropriate steps in the wizard.