Switch Creatio website from HTTP to HTTPS
The HTTPS protocol ensures secure connection between a client and a web service. Switching from HTTP to HTTPS is recommended to increase system security and enable additional services, such as WebRTC support in Webitel. Please note that this article refers only to on-site applications. To switch to HTTPS, you need to change several options of the website in IIS and edit the Web.config file. Creatio cloud uses secure connection by default.
Note
You will not be able to use the advantages of HTTPS if Creatio application is deployed on Windows Server 2008.
Contents
Before configuring HTTPS, do the following:
-
Obtain a digital certificate from the certification center in PFX format;
Note
If you are using a self-signed certificate, Creatio mobile application will not be able to connect to the Creatio site due to the security policies of mobile applications.
-
Set up websockets for the correct operation of all system components;
-
Additionally, check the list of installed IIS components to avoid errors during Creatio setup and operation.
The received digital certificate must be loaded into the server certificate storage:
1.Open Internet Information Services (IIS) Manager.
2.In the main IIS window, double-click the [Server Certificates] detail (Fig. 1).
3.In the [Server Certificates] window, click the [import] link in the action menu to the right (Fig. 2).
4.In the import dialog box, specify:
a.Path to the import file hosted on the server
b.Password (if required)
c.Certificate storage (Fig. 3)
5.Click [OK] to import the certificate.
Next, connect the imported certificate to the bCreatio application:
1.In the IIS window, go to the application website by clicking its name in the left [Connections] menu (Fig. 4).
2.Click the [Bindings] link in the action menu (Fig. 5).
3.In the website bindings menu, click [Add] and add a new binding. In the [Add Site Binding] window, specify:
a.Type "https "
b.Website address
c.SSL certificate (Fig. 6).
4.Click [OK] to confirm the settings.
Now the certificate is successfully bound to the web application.
After adding the certificate, you need to make changes to the Web.config configuration file, located in the root directory of the Creatio website.
1.At the end of the file, find:
<behaviors configSource="Terrasoft.WebApp\ServiceModel\http\behaviors.config" />
<bindings configSource="Terrasoft.WebApp\ServiceModel\http\bindings.config" />
2.Change paths from “http” to “https”:
<behaviors configSource="Terrasoft.WebApp\ServiceModel\https\behaviors.config" />
<bindings configSource="Terrasoft.WebApp\ServiceModel\https\bindings.config" />
Edit the Web.config file located in the [Path to the root website directory]\Terrasoft.WebApp\ directory.
1.Set the variable value to encrypted="true". The configuration differs depending on the operating system of the server with Creatio application.
For Windows Server 2012 and higher, the configuration string should look as follows:
<wsService
type="Terrasoft.Messaging.MicrosoftWSService.MicrosoftWSService,
Terrasoft.Messaging.MicrosoftWSService" encrypted="true"
portForClientConnection="443" maxConnectionNumber="100"
clearIdleSession="false" clearIdleSessionInterval="120" />
2.At the end of the file, find:
<services configSource="ServiceModel\http\services.config" />
3.Change the path from “http” to “https”:
<services configSource="ServiceModel\https\services.config" />
Save the configuration files.
Restart the application in the IIS and then go to your Creatio website. If all is done right, then in the address bar you will see "https://" before the web address of the application.
See also