This is where the superuser can configure the HTTP settings and enable https if wanted.
Site URI: Public HTTP or HTTPS URI to use when sharing links to the server. This field should be configured if running behind a proxy server where the local IP host or port isn't what is used for public access. Restart required.
Address: IP address to bind locally for HTTP ports. Restart required.
HTTPS Enabled: If false all traffic is handled in plaintext on 'httpPort'. If set to true, then all traffic is forced to use HTTPS on 'httpsPort' and requests to 'httpPort' are redirected. Restart required.
Once enabled, the user will be prompted with the below popup to upload their certificate and key files (unencrypted and PKCS12/PFX format) if not already uploaded via the Certificate Files button. Then enter any password for the keystore. This password would be needed to access the files.
Once done, the user will need to restart their DESIGO OPTIC service.
Then the DESIGO OPTIC instance will be reachable via HTTPS.
Note: If using a self-signed certificate, seeing a “Not Secure” warning is expected.
HTTPS is enabled by default and using a self-signed certificate. When the user first logs in, they will be presented with the below left screen warning them that the connection is not private. The user can upload their own if they would like to switch it or disable HTTPS afterwards. To continue, select the Advanced button and then on the “Proceed to <host> (unsafe)”. |
Certificate Files: Upload the certificate and key files needed for HTTPS. This is needed if HTTPS is to be enabled and used.
How to create a self-signed certificate and key files First the user will need a terminal that supports openssl. This is required to create the files. A couple example programs that have a terminal that supports openssl are Git and Cygwin, however there are other programs available that can do this as well. Once installed or already have an existing program, open the terminal (Git calls it “Git Bash”, different programs might name it differently). Then run this command below where “keyName” is the name you would like to use for the key, “365” is the amount of days you would like the certificate to be valid for, and “certificateName” is the name you would like to use for the certificate. If the user would like to have the files created in a desired area rather than in the default user folder. Then they can specify the path before the key name or certificate name. Keep in mind, the folders to that path must already exist. If the folders don’t exist, it won’t work. For example saving the files inside a folder called test under our user folder name: Once the command is executed, the user will be prompted to enter some information to incorporate into the certificate such as: Country Name (2 letter code) State or Province Name (full name) Locality Name (eg, city) Organization Name (eg, company) Organization Unit Name (eg, section) Common Name (eg, server FQDN or YOUR name) Email Address Once done, the files will be created in the user folder or wherever the terminal is pointing at or specified in the command. The user can then upload these files to use HTTPS. |
HTTP Port: Port for HTTP traffic. Restart required.
HTTPS Port: Port for HTTPS (only applicable if 'httpsEnabled'). Restart required.
Disable Error Trace: Disable showing exception stack trace for 500 internal server errors.
