HTTPS

Installation

1. General

Data transferred by Intrexx can be encrypted via HTTPS. The data is encrypted using SSL or TLS. To establish a secure connection, an SSL/TSL certificate is required for the server that the secure connection should be made to. Even self-signed certificates can be integrate. However, a third-party cannot testify to the authenticity of the data in this case. You can create the certificate yourself via OpenSSL.

2. HTTPS protocol in IIS




So that your portal can be accessed under encryption via the HTTPS protocol when using the IIS web server, the SSL certificate needs to be imported with the IIS Manager. To import the certificate into IIS, double-click on the item "Server Certificates" in the category "IIS" at the server level.



Click on "Import" under "Actions" on the right-hand side.



You can now import your certificate (pfx format). Afterwards, you need to select the certificate you just imported under "Bindings" of the default website. Confirm the current dialog with OK.



Select "Default Web Site" on the left-hand side and select the action "Bindings". Select you site binding and define the certificate you just imported.

3. HTTPS protocol in NGINX as reverse proxy




To be able to use NGINX as a reverse proxy for Intrexx, this needs to be configured first. You can use the provided template configuration files to do this. These are available in the installation directory samples/web-tls-configuration/NGINX/portal-intranet.conf.

4. Open portal with secure HTTPS




Communication between the reverse proxy web server (IIS or NGINX) and the embedded Tomcat web server can be encrypted in the portal properties. If the reverse proxy web server is already encrypted, an additional encryption is not necessary. The encryption between the web server and the browser only takes place in the web server.

5. More information

Installation / Preparations