This guide describes how to set up a secure connection for IMPACT services using HTTPS.

1579277405302-428.png

What is HTTPS?

HTTPS (Hypertext Transfer Protocol Secure) is an internet communication protocol that protects the integrity and confidentiality of data between the IMPACT client and the IMPACT service.

What is a Firewall?

A firewall is a network security system that monitors and controls the incoming and outgoing network traffic based on predetermined security rules. 

What is DNS?

The Domain Name System (DNS) is the “phonebook of the Internet”. Humans access information online through domain names, like www.strusoft.com.

What is IIS?

Internet Information Services (IIS) is a web server from Microsoft that runs on Windows systems to host the IMPACT services - OpenID and WebAPI. 

What has to be done to securely access IMPACT by using HTTPS?

Register a DNS subdomain

To be able to access your IMPACT services by a friendly domain name, you will have to register a new DNS subdomain where your domain name is hosted such as openid.yourcompany.com and webapi.yourcompany.com.

Open and forward the HTTPS port in the firewall

To set up the firewall so that it will let through communication to the internal web service, the ports corresponding to HTTPS (usually 443) need to be opened up and routed to the internal service.

Open the HTTPS port on the IIS server

The HTTPS port (443) on a Windows Server is usually blocked by default and needs to be opened up using the Windows Firewall.

https://lh5.googleusercontent.com/_JFLrqUqCk0DJ3-_nr26Lp_G2BRkIsKaSlZRjGOsVirS7_4pRmhNSWuF5_fcP0xQ8rUtJ3Hv67323HUohkWupLHDjBQ9K4A89r45e0dqoLenUPwR4o6uOIlU_e_Kk_jvduAOllLO

Install a Certificate on the IIS server

There are many providers of certificates that can be used to secure IMPACT with HTTPS. 

Today, many companies used a free service from Let’s Encrypt that is backed by industry leaders such as Cisco, Google, and RedHat.

There are many ways to install a Let’s Encrypt certificate on an IIS web server and of them is Certify The Web that provides an automated tool to be used on the IIS server.

https://lh6.googleusercontent.com/RAJ6X3a0hMnlDtdshx21l_-QZ4bOF4rXz5f0LUX_tu_D2MsQIZlEBcgD0onGy_IViCj9-DmjGLMobwjd9fqUdxgXtpmgHEeNFlieCKG-wmSE_E3fitZixh59oDztLlNNctXb6seW

If you have used the IMPACT Service Configuration Tool to deploy the WebApi you will be able to:

  1. Select the website in the Select Website dropdown. 
  2. Add your registered subdomain. 
  3. Request a new certificate.

Different deployment scenarios are covered in the Getting Started Guide.

Tags:
Created by Jonas Andréasson on 2020/01/17 17:05
Copyright 2020 StruSoft AB
IMPACT Documentation