Tag: Configuring HTTPS

Categories
Knowledge Support Support Categories exacqVision Webservice Products

Manually Configuring HTTPS for Web Service Certificate and Key Path

The following steps are intended for manually setting the certificate and key path for exacqVision Web Service versions 8.4 and higher.

NOTE: Wildcard certificates cannot be uploaded through the exacqVision Web Service administration interface. However, they may be used when manually configured.

<br>

Products

  • exacqVision Web Service version 8.4 and above

<br>

Steps

  1. Find the web service configuration file:
    • Windows:  C:\ProgramData\Webservice\conf\wfe.json
    • Linux:  /etc/webservice/wfe.json<br><br>
  2. Open this JSON configuration file with the text editor of your choice.
    • Windows: Open the text editor choosing, ‘Run as Administrator’
    • Linux: Run with sudo privileges when needed.<br><br>
  3. Within this file, locate the top-level key ‘webserver’.<br><br>
  4. One level underneath the ‘webserver’ key, locate the ‘tls’ key.
    • Note: The ‘tls’ key is optional. If it does not exist, create it as such:
          "webserver": {
              "listen": 80,
              "tls": {
              }<br><br>
  5. Inside the ‘tls’ key, modify the values for the following fields (creating keys for them if they are not already present)
    • “type”:  The literal string “external” (including the quotes)
    • “listen”:  The port on which you want the web service to conduct HTTPS traffic. The default HTTPS port is 443. Provide this value as a literal number without quotes.
    • “cert”:  The absolute path to your HTTPS certificate (surrounded in double-quote markers, e.g. “/home/admin/certificates/webservice.cert”)
    • “key”:  The absolute path to your HTTPS private key (surrounded in double-quote markers as well)

      If you have followed these steps correctly, the contents of webserver key section of the wfe.json should now look something like the following:
          "webserver": {
              "listen": 80,
              "tls": {
                 "listen": 443,
                 "cert": "path/to/your/cert",
                 "key": "path/to/your/key",
                 "type": "none"
              }<br><br>
  6. Save your changes.<br><br>
  7. Restart the exacqVision Web Service.

<br>

Categories
Knowledge Support Support exacqVision Webservice Categories Products

Configuring HTTPS for ExacqVision Web Service

Version 8.4 and Higher


Using the provided Web Service configuration UI you are able to configure HTTPS support.

  1. Login to the configuration Interface here: http://127.0.0.1/service.web
  2. Click on the ‘Configuration’ link in the left hand navigation bar. This will expand with more options.
  3. Click on the ‘HTTPS’ link.
  4. Click on the ‘Configure’ button.
    If you already have an SSL certificate and private key (e.g. purchased from DigiCert, Thawte, GoDaddy, etc) choose External.
    Select “Let’s Encrypt / ACME” to provision a certificate and private key automatically. NOTE: There are prerequisites that have to be met to use this option.
  5. Follow the instructions for the chosen configuration below

<br>

Configuring HTTPS using an External Certificate

IMPORTANT: Wildcard certificates cannot be uploaded through the exacqVision Web Service administration interface. However, they may be used when manually configured. See Manually Configuring HTTPS for Web Service Certificate and Key Path for details.


NOTE: Both the certificate and private key must be PEM encoded. The private key should be in RSA format.

  1. Click on the File button next to the Certificate input and select the certificate to upload.
  2. Click on the File button next to the Private Key and select the corresponding private key to upload.
  3. (Optional) If you were given a certificate chain from your certificate provider click the File button next to the Certificate Chain input and select the chain certificate to upload.
  4. Click Apply to upload the files.
  5. Follow the prompts to restart the Web Service for the changes to take effect.
  6. (Optional) Modify the External URL of your Web Service to use HTTPS.
    • This option is found under Configuration | Basic

      NOTE: If you do not see any File buttons then you are using an older browser. Instead paste the contents of each file into the large text boxes provided.

<br>

Configuring HTTPS using Let’s Encrypt / ACME Server

Please check that the following prerequisites are met before proceeding.

A. Your Web Service is configured and running on the standard port (80)
B. Your Web Service is accessible over the internet at the domain name(s) you wish to provision a certificate for.

  1. In the input under Domain Name enter the domain name you wish to provision a certificate for.
  2. (Optional) If you have any Subject Alternative Names to add to the certificate enter them into the input under Subject Alternative Name(s)
  3. Click Apply
  4. A dialog should popup with the status of your request. Provisioning a certificate may take a few minutes, please be patient.
  5. If a certificate was issued successfully follow the prompts to restart the Web Service for the changes to take effect.
    • If an error is encountered attempt to solve the underlying issue before retrying. The production Let’s Encrypt service will rate limit you if you attempt too many times in a row. See https://letsencrypt.org/docs/rate-limits/ for more information.
  6. (Optional) Modify the ExternalURL of your Web Service to use HTTPS.
    • This option is found under Configuration | Basic

<br>

Version 8.2 and Lower

Follow the instructions to manually configure HTTPS support in the Web Service.

Windows: See Article 995
Linux: See Article 946

<br>