Enable SSL for Apollo 2015

Similar documents
HTTP communication between Symantec Enterprise Vault and Clearwell E- Discovery

NSi Mobile Installation Guide. Version 6.2

HTTP Server Setup for McAfee Endpoint Encryption (Formerly SafeBoot) Table of Contents

How to Configure a Secure Connection to Microsoft SQL Server

CA NetQoS Performance Center

SETUP SSL IN SHAREPOINT 2013 (USING SELF-SIGNED CERTIFICATE)

Installation Procedure SSL Certificates in IIS 7

S/MIME on Good for Enterprise MS Online Certificate Status Protocol. Installation and Configuration Notes. Updated: October 08, 2014

INSTALLING YOUR SSL CERTIFICATE ON THE FILEHOLD SERVER ON WINDOWS 2008 X64 ON IIS 7

SQL Server 2008 and SSL Secure Connection

How To Enable A Websphere To Communicate With Ssl On An Ipad From Aaya One X Portal On A Pc Or Macbook Or Ipad (For Acedo) On A Network With A Password Protected (

ProSystem fx Document

Tenrox. Single Sign-On (SSO) Setup Guide. January, Tenrox. All rights reserved.

WhatsUp Gold v16.3 Installation and Configuration Guide

CONFIGURING MICROSOFT SQL SERVER REPORTING SERVICES

Reference and Troubleshooting: FTP, IIS, and Firewall Information

OrgChart Now SSL Certificate Installation. OfficeWork Software LLC

Copyright

etoken Enterprise For: SSL SSL with etoken

ESET SECURE AUTHENTICATION. API SSL Certificate Replacement

Setting Up SSL on IIS6 for MEGA Advisor

Network Load Balancing

Wavecrest Certificate

AvePoint Meetings for SharePoint On-Premises. Installation and Configuration Guide

FTP, IIS, and Firewall Reference and Troubleshooting

StarWind SMI-S Agent: Storage Provider for SCVMM April 2012

O Reilly Media, Inc. 3/2/2007

Microsoft Exchange 2010 and 2007

Dell SupportAssist Version 2.0 for Dell OpenManage Essentials Quick Start Guide

User Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream

MadCap Software. Upgrading Guide. Pulse

HELP DOCUMENTATION E-SSOM DEPLOYMENT GUIDE

e-cert (Server) User Guide For Microsoft IIS 7.0

RSA Security Analytics

Quadro Configuration Console User's Guide. Table of Contents. Table of Contents

Jeff Schertz MVP, MCITP, MCTS, MCP, MCSE

Generating a Certificate Signing Request (CSR) from LoadMaster

2. In the Search programs and files field, enter mmc and hit the enter key

RoomWizard Synchronization Software Manual Installation Instructions

WhatsUp Gold v16.1 Installation and Configuration Guide

Creating and Issuing the Workstation Authentication Certificate Template on the Certification Authority

Scenarios for Setting Up SSL Certificates for View

Microsoft IIS 4 Guide to Installing Root Certificates, Generating CSR and Installing SSL Certificate

ez Agent Administrator s Guide

Generating an Apple Push Notification Service Certificate for use with GO!Enterprise MDM. This guide provides information on...

Desktop Surveillance Help

Managing the SSL Certificate for the ESRS HTTPS Listener Service Technical Notes P/N REV A01 January 14, 2011

FTP Server Configuration

MCTS Guide to Microsoft Windows Server 2008 Applications Infrastructure Configuration (Exam # )

Browser-based Support Console

Ekran System Help File

APNS Certificate generating and installation

TIBCO Spotfire Automation Services 6.5. Installation and Deployment Manual

HP Device Manager 4.6

Microsoft IIS 7 Guide to Installing Root Certificates, Generating CSR and Installing certificate

Generating an Apple Push Notification Service Certificate for use with GO!Enterprise MDM. This guide provides information on...

DMZ Server monitoring with

LoadMaster SSL Certificate Quickstart Guide

INSTALLING MICROSOFT SQL SERVER AND CONFIGURING REPORTING SERVICES

App Orchestration 2.5

Configuring Global Protect SSL VPN with a user-defined port

Configuring Secure Socket Layer (SSL) for use with BPM 7.5.x

How to use mobilecho with Microsoft Forefront Threat Management Gateway (TMG)

Set up SSL in Deployment Solution 7.5

Releasing blocked in Data Security

Outlook Web Access Guide to Installing Root Certificates, Generating CSR and Installing SSL Certificate

Installing and Configuring vcenter Multi-Hypervisor Manager

OPC Unified Architecture - Connectivity Guide

Mobility Manager 9.0. Installation Guide

HELP DOCUMENTATION SSRPM WEB INTERFACE GUIDE

Authentication in XenMobile 8.6 with a Focus on Client Certificate Authentication

Aspera Connect User Guide

StarWind iscsi SAN: Configuring HA File Server for SMB NAS February 2012

LAB: Enterprise Single Sign-On Services. Last Saved: 7/17/ :48:00 PM

c360 Portal Installation Guide

StarWind iscsi SAN & NAS: Configuring HA File Server on Windows Server 2012 for SMB NAS January 2013

Using Logon Agent for Transparent User Identification

WhatsUp Gold v16.2 Installation and Configuration Guide

Pro-Watch Software Suite Installation Guide Honeywell Release 4.1

MicrosoftDynam ics GP TenantServices Installation and Adm inistration Guide

isupplier PORTAL ACCESS SYSTEM REQUIREMENTS

Cloud Attached Storage

Windows Intune Walkthrough: Windows Phone 8 Management

2X ApplicationServer & LoadBalancer Manual

1. Open the preferences screen by opening the Mail menu and selecting Preferences...

USER GUIDE. Snow Inventory Data Receiver Version 2.1 Release date Installation Configuration Document date

Symantec Endpoint Encryption Full Disk

Install the Production Treasury Root Certificate (Vista / Win 7)

System Administration Training Guide. S100 Installation and Site Management

Thin Client Manager. Table of Contents. 1-10ZiG Manager. 2 - Thin Client Management. 3 - Remote client configurations. 1 of 16

SELF SERVICE RESET PASSWORD MANAGEMENT WEB INTERFACE GUIDE

TIBCO Spotfire Automation Services Installation and Configuration

Bitrix Site Manager ASP.NET. Installation Guide

Configuring the NetBackup 7.7 Cloud Connector for use with StorReduce

SolarWinds Technical Reference

Investment Management System. Connectivity Guide. IMS Connectivity Guide Page 1 of 11

Secure Messaging Server Console... 2

Configuring Network Load Balancing with Cerberus FTP Server

Direct Storage Access Using NetApp SnapDrive. Installation & Administration Guide

Deploying Windows Streaming Media Servers NLB Cluster and metasan

Transcription:

Enable SSL for Apollo 2015 [1] Obtain proper SSL certificate *.pfx (contains both certificate and private keys) For example, the pfx file contains both certificate and private keys, also the ascii file contains the password. [2] Import Certificate to local computer This section instructs you on how to import a trusted certificate into your Local Computer's certificate store. 1. Run mmc.exe to launch the Microsoft Management Console (or, open a pre-configured MMC console if you have one.) NOTE: You should run mmc.exe with Administrator rights. 2. Before you can add certificates to the Windows Certificate Store, you must add the Certificate snap-in to the Microsoft Management Console (MMC) on the Windows Server host on which the View server is installed. a. Verify that the MMC and Certificate snap-in are available on the Windows Server computer on which the View server is installed. In the MMC window, go to File > Add/Remove Snap-in In the Add or Remove Snap-ins window, select Certificates and click Add. In the Certificates snap-in window, select Computer account, click Next, select Local computer, and click Finish. In the Add or Remove snap-in window, click OK

1. Expand Certificates (Local Computer) to display the certificate store nodes. 2. Expand Trusted Root Certification Authorities, right click on Certificates and select All Tasks and Import.

3. On the Certificate Import Wizard, choose Local Machine, and click Next. Then specify the.pfx file for File to Import. Click Next.

From Private key protection dialog, use the Password from the ASCII file that comes with the pfx certificate. Then make sure to select Mark this key as exportable option. Click Next.

NOTE: if you provide the wrong password, you will get the following message The password you entered is incorrect.

From Certificate store, choose Place all certificate in the following store: Trusted Root Certification Authorities

Review the summary page, and click Finish.

You will get The import was successful message. Here is the imported Certification, you can view the Issuer, Expiration date, Friendly name...

Do the same thing for Intermediate Certification Authorities

[3] Import certification to IIS 1. Open Administrative Tools > Internet Information Services (IIS) Manager 2. Click on the server name in the Connections pane. 3. In the main pane, double click on the Server Certificates icon to open the Server Certificates view.

4. Once in Server Certificate view, then Click on the Import... link in the far right Actions pane to open the Import Certificate dialog.

5. Select the Certificate File (*.pfx) you received from a Certificate Authority, also the password that comes with the certification. click OK to complete the import. Now the certificate will be imported to IIS, you can click view to see details about the certificate.

[4] HTTPS port Binding Adding an https Binding to the ERDAS APOLLO Web Site This section instructs you on how to add an https binding associated with an SSL trusted certificate to your ERDAS APOLLO web site. 1. Open Administrative Tools > Internet Information Services (IIS) Manager. NOTE: If you have just completed Importing an SSL Certificate into IIS (on page 17), IIS Manager should already be opened. 2. Expand the Sites folder 3. Select the site to be secured. NOTE: This will either be the Default Web Site or the web site that you added and configured in Configuring the ERDAS APOLLO Web Site 4. From the Actions menu (on the right), select Bindings... to open the Site Bindings dialog box.

5. 6. 7. 8. 9. In the Site Bindings dialog box, click Add... to open the Add Site Binding dialog box. Under Type choose https. The IP address should be the IP address of the site or All Unassigned. The port over which traffic will be secured by SSL is usually 443. The SSL Certificate field should specify the SSL certificate that was imported into IIS in Importing an SSL Certificate into IIS. In this case, the SSL certificate is *.ingrnet.com, select it from the drop down list. 10. Click OK to add the https binding.

Your SSL certificate is now installed and the website configured to accept secure connections through https. [5] Run Apollo Configure Wizard NOTE: Due to the following bug in Apollo 2015, you can not change the hostname during configuration wizard (if this is not the 1 st time to run the wizard). If you want to change host name, then you have to uninstall reinstall Apollo again. CR 1-BMIVHN config wizard for ERDAS APOLLO throws error when hostname is changed During configure wizard HTTP Server settings, the HTTPS on port 443 should show up, and make sure it is highlighted/selected. Also make sure you use the domain for the server name.

[6] Configuring APOLLO Services for SSL If you have configured Secure Sockets Layer as described in Configuring Secure Sockets Layer (SSL) (on page 16), you can now configure your ERDAS APOLLO services to use https and SSL. Configuring the APOLLO Catalog WMS Service for SSL 1. Navigate to C:\Program Files\Common Files\Hexagon\Services\Instances\ApolloCatalogWMS. 2. Open web.config and search for the comment, "If you wish to run the service over HTTPS transport change the mode from None to Transport". 3. On the next line change <security mode="none"> to <security mode="transport">. 4. Search for the comment again and change the second occurrence from "None" to "Transport" also. 5. Save and close the file. The ERDAS APOLLO Catalog WMS service will automatically restart.

Do the same thing for public WMS again. 1. Navigate to C:\Program Files\Common Files\Hexagon\Services\Instances\ApolloCatalogWMSPublic. 2. Open web.config and search for the comment, "If you wish to run the service over HTTPS transport change the mode from None to Transport". 3. On the next line change <security mode="none"> to <security mode="transport">. 4. Search for the comment again and change the second occurrence from "None" to "Transport" also. 5. Save and close the file. The ERDAS APOLLO Catalog WMS service will automatically restart.

[7] Configure Geospatial Portal for SSL If IIS is configured to receive requests on a public address and that address is not resolved as the localhost IP (it is IP address of another server that redirects requests), configure the host machine to resolve the public host name as the localhost IP address. To configure the host machine, add the following line to C:\Windows\System32\drivers\etc\hosts file. 127.0.0.1 publichostname.yourdomain.com [8] Test DM and Portal @ HTTP port 80 (DM can not render image) Portal Both Data manager and Portal should work on regular http port 80

If click WMS link, and save shortcut, and you will find it actually use HTTPs https://vmapollosupport.ingrnet.com/apollocatalogwms/service.svc/get?service=wms&version=1.3.0&request=getlayer&layers=xs_truecolor_sub

DM x While DM will not render the image, and Confirmed with Sridhar @ QA team. The following CR has been filed. CR 1-DIFOC0 Could not render any WMS @ Data Manager http port 80 with SSL enabled. And http://vmapollosupport.ingrnet.com/apollocatalogwms/service.svc/get?service=wms&request=getcapabilities will return 404, which explains why there is no WMS rendering in Apollo data manager.

[9] Test DM and Portal @ HTTPs port 443 Both Data manager and Portal should work on regular https port 443

Portal

DM https://vmapollosupport.ingrnet.com/apollocatalogwms/service.svc/get?service=wms&request=getcapabilities

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information