How to set up HTTPS For AppsWatch?

Instruction to setup HTTPS on AppsWatch

The https is supported as of AppLoader, AppsWatch, and ScenarioBuilder version 8.3.7.4 and up. 

1. Get your private.key and certificate.crt files either through OpenSSL or some other trusted website.

To create the two files using the included OpenSSL file:

  • Open command line
  • cd "APPLICATION_PATH/webserv/bin"  
  • run these commands one after another:
    • openssl genrsa -aes256 -out private.key 2048
    • openssl rsa -in private.key -out private.key
    • openssl req -new -x509 -nodes -sha1 -key private.key -out certificate.crt -days 36500 -config
      "APPLICATION_PATH/webserv/conf/openssl.cnf"

2. Copy the "private.key" and "certificate.crt" files from "APPLICATION_PATH/webserv/bin" folder into
"APPLICATION_PATH/webserv/conf/ssl" folder (create ssl folder if missing)

3. Download and Copy the attached file httpd-ssl.conf file into
"APPLICATION_PATH/webserv/conf/extra" folder (create the "extra" folder if missing)

httpd-ssl.conf for AppLoader and AppsWatch

httpd-ssl.conf for AppVerify and RPA

4. Edit the file httpd-ssl.conf and make sure that the file has the correct values in it

5. Edit "APPLICATION_PATH/webserv/conf/httpd.conf" file

  • Add # before Listen 8888 to comment out the line.
  • Add the following lines after LoadModule authz_core_module modules/mod_authz_core.so:

Include conf/extra/httpd-ssl.conf

LoadModule ssl_module modules/mod_ssl.so

6. Make sure "APPLICATION_PATH/webserv/bin/php.ini" and  "APPLICATION_PATH/webserv/bin/bin/php.ini" files have "extenstion=php_openssl.dll" un-commented. Add the line if missing in the list of extensions.

7. Restart AppsWatch services from Windows Task Manager

8. In order for ScenarioStations to communicate securely, do the following:

  • Go to "PATH_TO_ScenarioStation/sstation.ini"
  • Edit the .ini file and add the secure=yes option or uncomment if it already exists.
  • Optional: change all http ports (8888 by default) to https 443

9. In Scenario Builder you should change the following options from Options > Base:

a.  Make sure to add "https://" before the controller address

b.  Make sure that the port number is 443 for the controller