Enabling HTTPS¶
Given the sensitive information that will be transferred using your JusticeWeb Web site, it is capable of running in a secure Hypertext Transfer Protocol Secure (HTTPS) environment. This combines HTTP and SSL/TLS protocol to give you a secure and encrypted channel in which to run the JusticeWeb Web site, providing your users and your organization a safe and reliable environment.
In order to enable HTTPS, there are a few configurations that must be completed.
Configure IIS¶
There are three tasks you must perform in IIS to enable HTTPS:
-
Configure IIS to use certificates
-
In IIS, click on the Server Certificates icon.
-
Create or import a certificate using the Actions group on the right hand side of the window.
For further help on how to create or import certificates, use the help located in the Actions group.
-
-
Configure an HTTPS binding for your JusticeWeb Web site
- In IIS, right click on the Web site you want to configure for HTTPS binding.
-
Select Edit Bindings.
-
Click the Add button on the Site Bindings dialog box.
-
In the Add Site Binding dialog box, select https in the Type drop-down box, and select the certificate you created in the SSL certificate drop-down box.
-
Click OK.
-
Force SSL to be required on the Payment Portal Web site and Web service
-
With the Payment Portal Web site selected in IIS, select SSL Settings from the menu.
-
In the SSL Settings window, select the Require SSL check box.
-
Repeat steps one and two for the Payment Portal Web service.
-
Configure the JusticeWeb web.config¶
- Open the JusticeWeb web.config file.
- Modify the connection string to match your local database.
-
Modify the endpoint address for the Payment Portal Web service to match your local installation or Journal 's shared address. It should look similar to this:
https://ppserver.logan.journaltech.com/Ndt.PaymentPortal.WebService/PaymentPortalService.svc
-
Modify the JustWare Web service endpoint address to match your locally installed JustWare Web service.
-
Add the following lines in the
<system.webServer>
section to add HTTPS redirect:<rewrite> <rules> <rule name="HTTP to HTTPS redirect" stopProcessing="true"> <match url="(.\*)" /> <!-- Require SSL must be OFF in the site settings --> <conditions> <add input="{HTTPS}" pattern="off" ignoreCase="true"/> </conditions> <action type="Redirect" redirectType="Found" url="https://{HTTP_HOST}{REQUEST_URI}"/> </rule> </rules> </rewrite>
-
Change the Payment Portal's binding security,
<security mode="Message">
, to be<security mode="TransportWithMessageCredential">
. - Change the endpoint behavior for the Payment Portal to validate your certificate. Refer to Microsoft's WCF documentation to put in the correct validation code.
- Save, close, and recompile.
Configure the Payment Portal Web Site web.config¶
- Open the Payment Portal's Web site web.config file.
- Modify the connection string to match your local database where the Payment Portal database exists.
- Modify the SMTP settings to match your local SMTP server.
- Change the PaymentBaseUrl setting to match your Web site address.
- Save, close, and recompile.
Configure the Payment Portals's Web Service web.config¶
- Open the Payment Portal's Web Service web.config file.
- Modify the connection string to match your local database where the Payment Portal database exists.
- Modify the SMTP settings to match your local SMTP server.
- Modify the PaymentBaseURL setting to match your Web site address.
- Change httpGetEnabled to httpsGetEnabled.
- Change mexHttpBinding to mexHttpsBinding.
- Add a bindingConfiguration attribute to the Payment Portal service. There is a bindingConfiguration that you can use entitled wsHttpBindingConfig. This configuration disables the certificate checking by default.
- Change the endpoint behavior for the Payment Portal to validate your client's certificate. Refer to Microsoft's WCF documentation to put in the correct validation code.
- Save, close, and recompile.