Implementing secure connections

Following the installation of RC-Reporter, you can secure the connection between the RC-Reporter server and browsers accessing the application by:

  • Obtaining a trusted Secure Socket Layer (SSL) certificate.
  • Configuring Internet Information Services (IIS) to run RC-Reporter using Hypertext Transfer Protocol Secure (HTTPS).
  • Enabling an HTTP redirect to HTTPS.

For new installations of RC-Reporter, a browser on the localhost server accessing RC-Reporter on that localhost can continue to use HTTP because all communication traffic is internal to the localhost.

Obtaining a Trusted SSL Certificate

An SSL certificate is used to encrypt information transmitted over the internet. In a production environment it is recommended that you obtain an SSL certificate from a certificate authority (CA).

Use resources available on the internet to determine which certificate authority and type of SSL certificate will meet your company's operating environment, expense plans, and corporate and privacy policies.

See Additional SSL considerations for more information.

The following information describing how to configure IIS to use your SSL certificate for RC-Reporter assumes that you have obtained a trusted SSL certificate.

Configuring IIS to run RC-Reporter using HTTPS

Use the following steps to configure IIS to run RC-Reporter using HTTPS:

  1. On your server, start Internet Information Services (IIS) Manager.
  2. In the left pane, expand your server name and locate and expand Sites.
  3. Click RC-Reporter under Sites.
  4. In the Actions pane on the right, click Bindings to open the Site Bindings dialog box. There should be two bindings for RC-Reporter: one for localhost (or your server) and the other for everything else. You should make note of the current values for the bindings for backup purposes.
  5. Click Add to open the Add Site Binding dialog box. The default port is 443. There is no need to change this port value unless it is being used by another application.
  6. Select https in the Type list.
  7. Ensure that your SSL certificate is specified in the SSL certificate field and click OK.
  8. Repeat the previous steps from step 5 onward to add the https binding for all http binding entries that you want to convert to https.

Redirecting HTTP requests to HTTPS

The configuration required to redirect HTTP requests to HTTPS is specific to your network and IT infrastructure. Consult with your IT department to determine how to configure the redirection of HTTP requests to HTTPS.

© 2019 Reliable Controls Corporation. All rights reserved. Published October 29, 2019

More details

Additional SSL considerations