By default, Active Roles users connect to the Web interface using a HTTP protocol, which does not encrypt the data during communication. However, it is recommended to use a HTTPS protocol to transfer data securely over the web. You can use the Force SSL Redirection option in the Configuration Center to enable secure communication over HTTPS for the Web interface on local or remote servers.
To configure the Web interface for secure communication for the first time
- In the Configuration Center main window, click Web Interface.
- To modify the secure communication settings for the sites, click Force SSL Redirection.
The Manage Force SSL Redirection Settings for sites window is displayed.
- In the Available Websites field, select the required web site from the drop-down list.
The configuration status of the website is displayed.
- To enable the force SSL redirection, switch between the Enable Force SSL Redirection states. Turn it on.
- If the website is not configured earlier for secure communication, the Enable Force SSL Redirection option is not selected by default and the HTTPS configuration status is shown as Not configured.
- If the website is configured earlier for secure communication, then the Enable Force SSL Redirection option is selected by default and the HTTPS configuration status shows as Configured.
- If the website is configured earlier for secure communication, and the SSL bindings was deleted in the IIS site, the Enable Force SSL Redirection option is selected by default. The status Binding Deleted is displayed. In this case, the secure communication must be configured again for the web site.
- In the Available HTTPS Bindings field, click the drop-down list and select the required binding for the web site.
- Click Modify.
After successful completion of configuration changes, in the Web Interface window, the Force SSL Redirection configuration state for the selected web site is displayed as green and enabled.
- Click Finish.
NOTE: The browser cache must be cleared after any changes are made to SSL settings.
For the configured web site, any HTTP communication is now redirected to HTTPS automatically.