Versions Compared
Key
- This line was added.
- This line was removed.
- Formatting was changed.
If you configure the PerformanceGuard web interface to use HTTPS connections, the web interface is by default installed with a self-signed server certificate. Communication between web browsers and the web interface will be encrypted with SSL, but browsers will complain that the certificate isn't trusted. To resolve this security issue, you must install your own server certificate that's signed by a trusted authority (such as VeriSign or Symantec).
You'll need a file that contains your server certificate, any intermediate certificates and the private key. Often, the private key isn't part of the file delivered by your certificate authority. Instead, you may receive a file in the PKCS#7/P7B format. You must then yourself export the private key and certificates into a keystore in a format like PKCS#12/PFX, PEM or DER.
The following is an example of importing a PKCS12 keystore into PerformanceGuard. The PKCS#12 or PFX format is a binary format for storing the server certificate, any intermediate certificates and the private key in one encryptable file. PFX files usually have extensions such as .pfx and .p12. PFX files are typically used on Windows computers to import and export certificates and private keys. PFX files are password-protected, and you need the password to install the certificate file.
Image Removed
During installation check the Use SSL checkbox.
Image Added
Primary Web Server Port: Change Value to a port of your choosing e.g.
Note | ||
---|---|---|
| ||
You must not use 443 as this is reserved for Display2. |
Open \PerformanceGuard installation folder\display2\display2.yml and overwrite the # Server Settings section with the following:
Code Block | ||||
---|---|---|---|---|
| ||||
# Server Settings
server:
rootPath: '/api/*'
applicationContextPath: /
applicationConnectors:
- type: https
port: 443
maxRequestHeaderSize: 64KiB
maxResponseHeaderSize: 64KiB
keyStorePath: 'mykeystore.p12'
keyStorePassword: '$m3llycat'
validateCerts: false |
Then move down to the # Old Display Settings section and change the value of the following parameter:
- hostPort: Change to the port that you set in step 2 (e.g. 8443)
- hostSecure: Change value to true
Code Block | ||||
---|---|---|---|---|
| ||||
# Old Display Settings
classic:
hostPort: '8443'
hostSecure: 'true' |
Note | ||
---|---|---|
| ||
It is not supported nor it is recommended to run one display service as http and the other as https as it will create issues with the browsers because of the mixed content. |
Tip | ||
---|---|---|
| ||
Please ensure to keep the syntax of .XML and .YML correct and valid. We recommend to use a text editor such as Microsoft Visual Studio Code that notifies the user if the syntax is incorrect. |
Open \PerformanceGuard installation folder\notification\conf\config.properties and change the following parameters:
Code Block | ||||
---|---|---|---|---|
| ||||
displaySsl=true
displayPort=8443 (or which ever port you have used above) |
443
- Secondary Web Server Port: Change Value to a port of your choosing e.g. 8443
- Use SSL: Change value to true
- Certificate File Path: The path the the certificate file on local machine
- Certificate Password: Password of the certificate file
Note | ||
---|---|---|
| ||
It is recommended to use proper signed certificates and only access PG using the fully qualified domain name e.g. https://performanceguard.capasystems.com not https://performanceguard or https://127.0.0.1. |
Panel | ||||||
---|---|---|---|---|---|---|
Search this documentation
On this page
In this section
|