How to bind SSL certificate to POP server

Frequently asked questions and support articles for Prophet On-Premise hosted customers with their own servers.

Moderator: Prophet Support

Locked
User avatar
admin
Site Admin
Posts: 68
Joined: Mon Dec 04, 2017 2:40 pm

How to bind SSL certificate to POP server

Post by admin » Wed Jun 27, 2018 12:16 pm

How to bind SSL certificate to POP server

Purpose
  • When you need to update Prophet to work with your new SSL Certificate

    Please note that these steps are related to a specific version of Windows Server, and standard network processes. Your steps might vary.

    Setting up the SSL Certificate is not something that Avidian Support can help with. If you have any questions, please consult your network techs, Microsoft, etc.

    Support can help with updating Prophet's Web.conf files.
Solutions
Step A: Assign the SSL Host Headers
  1. From your Prophet Server, open Internet Information Services (IIS) Manager
  2. In IIS, click the arrow/+ next to your Site's name (Left side of IIS)
  3. Right click 'Default Website' or whatever your Site is named, and click 'Edit Bindings...'
    Image
  4. In the 'Site Bindings' window, click 'Add...'
    Image
  5. Set the following options in the Site Bindings Window:

    Type: In the drop-down list, select https.
    IP address: In the drop-down list, select All Unassigned.
    Port: Enter 443. The port for SSL traffic is usually port 443.
    Host name: Enter your website’s DNS name (e.g. website1.yourdomain.com).
    SSL certificate: In the drop-down list, select the SSL certificate by its friendly name (*.yourdomain.com).
    Image
  6. Repeat these steps as many times as needed for all of the sites you want to assign SSL host headers to.
  7. You may need to restart your IIS sites for the changes to take affect
Step B: Update Prophet's WEB.CONF files
  1. Navigate to the Admin folder of Prophet. Most likely located here:
    C:\inetpub\wwwroot\prophet\admin
  2. You could also get to the folder above through IIS by selecting 'Explore' with the 'Admin' page highlighted. (Screenshot below)
    389473928.png
  3. Open Web.Config file in Notepad
  4. Under the header <!—Auto generate webreferences. Do not change—!> change all references of “http://localhost” to “https://localhost
  5. Change all http references,notably the following keys:

    Code: Select all

    ProphetConfiguration.ProphetConfiguration
    ProphetContactService.prophetcontactservice
    ProphetProductService.ProphetProductService
    ProphetService.ProphetService
    UserManagementService.UserManagement
    
  6. Click File -> Save and then close Notepad
  7. Navigate to the 'Mobile' folder (Same as Step 1 or 2 but 'Mobile' instead of 'Admin')
    C:\inetpub\wwwroot\prophet\mobile
  8. Open Web.Config file in Notepad
  9. Under the header <!—Auto generate webreferences. Do not change—!> change all references of “http://localhost” to “https://localhost
  10. Change all http references,notably the following keys:

    Code: Select all

    ProphetConfiguration.ProphetConfiguration
    ProphetContactService.prophetcontactservice
    ProphetProductService.ProphetProductService
    ProphetService.ProphetService
    UserManagementService.UserManagement
    
  11. Click File->Save and close Notepad.
  12. Navigate to the 'prophetwebservices' folder (Same as Step 1 or 2)
    C:\inetpub\wwwroot\prophet\prophetwebservices
  13. Open the AvtWCF folder
  14. Open Web.SSL file in Notepad
  15. Find the following code:

    Code: Select all

    <serviceMetadata httpGetEnabled="true"/>
  16. Replace the code above with:

    Code: Select all

    <serviceMetadata httpsGetEnabled="true"/>
  17. There are 2 instances of the code above to replace.
  18. Find the following code:

    Code: Select all

    <security mode="None">
  19. Replace the code above with:

    Code: Select all

    <security mode="Transport">
  20. There are 2 instances of the code above to replace.
  21. Click File->Save and close Notepad
  22. Rename Web.config to WebOld.Config
  23. Rename Web.SSL to Web.Config
Your SSL certificate should now be binded to your Prophet server. Your Prophet Clients may need to update their Prophet client server address to have the 's' in it but this isn't always the case.
Clients with issues may use the following article to update their URL:
viewtopic.php?f=9&t=39

Hidden Content
This board requires you to be registered and logged-in to view hidden content.

Locked
  • Similar Topics
    Replies
    Views
    Last post