Configure etv resources for ssl, Securing the portal server user pages – VBrick Systems Portal Server ETV v4.2.1 User Manual

Configuring for SSL

ETV Portal Server Admin Guide

107

5. Select

Server Certificate

to launch the Web Server Certificate Wizard

6. Select

Process the pending request and install the certificate

and then click

Next

.

7. Enter the path and file name of the file that contains the response from the CA, and then

click

Next

.

8. Examine the certificate overview, click

Next

, and then click

Finish

. A certificate is now

installed on the ETV Portal Server.

4. Configure ETV Resources for SSL

After installing the certificate on the ETV Portal Server, the ETV Portal Server can now be
configured for SSL. This is a two-step process (1) first you configure the Portal Server user
login page for SSL access, and (2) configure the Portal Server Admin pages for secure SSL
access. This means that when a user attempts to access the Portal Server user pages it will
automatically bring them to

https://<ipaddressofserver>

for the user pages. Users will

notice a padlock icon at the bottom of their screen while logging into the Portal Server,
however the padlock will disappear once they login. When an administrator attempts to
access the Administration pages it will also force them to use

https://<ipaddressofserver>/

admin

. The padlock icon will be visible at the throughout the entire Admin site.

Securing the Portal Server User Pages

T

To configure the ETV Portal Server User Pages for SSL access:

1. Go the Portal Server install location, typically

C:\Program Files\VBrick\MCS

and open

web.config

in a text editor.

2. Uncomment the sections labeled Web Page Security 1, 2, and 3 by deleting only the <!--

and --> characters shown below in red.

Web Page Security 1

<!-- Web Page Security 1: Remove comments around the following section to enable
SSL on the login page. -->

<!--

<section name="secureWebPages"
type="Hyper.Web.Security.SecureWebPageSectionHandler, WebPageSecurity"
allowLocation="false" />

-->

Web Page Security 2

<!-- Web Page Security 2: Remove comments around the following section to enable
SSL on the login page. -->

<!--

<secureWebPages mode="On" maintainPath="False" warningBypassMode="AlwaysBypass"
bypassQueryParamName="BypassSecurityWarning">
<file path="login.aspx" /> <file path="login4.aspx" /> </secureWebPages>

-->

Web Page Security 3

<!-- Web Page Security 3: Remove comments around the following section to enable
SSL on the login page. -->

<!--

<add name="SecureWebPage" type="Hyper.Web.Security.SecureWebPageModule,
WebPageSecurity" />

-->