Jump to content


Photo

Setting up SSL

Started by Aramis McVey , 07 April 2017 - 07:12 PM
3 replies to this topic

Aramis McVey Members

Aramis McVey
  • 56 posts

Posted 07 April 2017 - 07:12 PM

We currently have SF in place using http and looking at switching over to ssl, main reason for the self service password functionality. Majority of all our clients are remote and use a ptp vpn tunnel to connect to our network and then launch SF to access their apps. I'm not to familiar with working with certs but from my understanding, since the clients are not on our domain, we can't use a self signed cert we created correct? That would only work for internal clients on the domain? So we would have to purchase a standard ssl cert and import it into the SF server, correct? Theres no cert we would then have to import on the client side? After importing the cert, its just a matter of following the config for SF to use ssl and changing the base url to https. Since most clients are not on our domain, their current link that points to the http, will it automatically redirect to https once the switch is made? Or will we have to let all remote users know to update their link to the new base url with https?

 

Thanks



Carl Stalhood CTP Member

Carl Stalhood
  • 11,777 posts

Posted 07 April 2017 - 07:20 PM

If browser, you can easily implement a redirect on your load balancer or StoreFront server.

Aramis McVey Members

Aramis McVey
  • 56 posts

Posted 07 April 2017 - 07:33 PM

Thanks for the reply, can you point me to the config for the redirect in sf, any documentation? Thanks



Nicholas Burton Members

Nicholas Burton
  • 36 posts

Posted 13 April 2017 - 05:46 PM

SF uses IIS. Open IIS and look for URL Redirection under the default site. Your certificate binding will also be done here in IIS. You can simply point the redirect to your https URL.

The reason you would want to go with a public certificate is that clients will automatically trust the root and issuing CAs for these certificates.