Portal SSL Support

SSL is enabled automatically for any NormShield Portal installation if done through NormShield Hotpoint. If for any reason SSL enablement fails or the default self-signed certificate that comes with the NormShield is wanted to be replaced with the organization's own signed (which should be utilized for security, just as the root password that comes with the installation should be changed), trusted certificate the flow shown below can be pursued.

The article assumes the IIS that comes with Windows Server 2012  R2, as this is the software requirement for NormShield Portal installation.

Opening IIS Manager and clicking to SSL Certificates menu, choose the appropriate submenu under Actions at the right handside.

If there's a trusted certificate signing used for the organization, then Create Certificate Request should be selected. After following the flow and finish with producing a certificate request, the file should be signed with the trusted certificate signing party, which may take some time. Then after having the signed certificate, again click on the Server Certificates->Actions, but this time Complete Certificate request. Import the newly signed certificate and choose Web Hosting for the target certificate store.

After defining the certificate through the Server Certificates, it's easy to enable the related portal application with SSL. First go to the uvm application, and right click on it selecting Bindings.

Choose Add first then in the dialog opened choose https as the type, and import the SSL certificate by clicking Select. Hit the OK button and the SSL is enabled for the portal.

Note: By default all requests to port 80 will be redirected to HTTPS, however, it would be more secure to close port 80 altogether. In order to do this, just try to delete the port 80 binding from IIS configuration shown above. I case of an permission error, try to run IIS as administrator after a server restart.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request


Please sign in to leave a comment.
Powered by Zendesk