Assigning HTTPS Access to the Control Manager Web Console

During Control Manager installation you can choose the level of security when accessing the management console. The least secure only requires an HTTP connection. The most secure requires an HTTPS connection. If the least secure connection was selected during installation, you can change the access level after installation to the most secure connection.

You must obtain a certificate and set up the Control Manager virtual directory before you can start sending encrypted or digitally signed information to and from a Control Manager server.

  1. Obtain a Web Site Certificate from any certification provider (for example, Thawte.com or VeriSign.co).
  2. Log on to the Control Manager server.
  3. Click Start > Programs > Administrative Tools > Internet Services Manager to open the IIS Microsoft Management Console (MMC).
  4. Click the + sign adjacent to the IIS server to expand the virtual site list.
  5. Select Default Web Site and then right-click Properties.
  6. On the Default Web Site Properties screen:
    1. Click the Directory Security tab.
    2. Click Server Certificate to create a server certificate request using the new Certificate Wizard.
    3. Click Next.
    4. On the Server Certificate Method screen, select Import a certificate from a Key Manager backup file and then click Next.
    5. Type the key full path and file name (for example, cm_cert.key) and then click Next.
    6. Specify the key password and then click Next.
    7. On the Imported Certificate Summary screen, click Next to implement the server certificate or click Back to modify settings.
  7. Click OK to apply the Default Web Site server certificate and go back to the Default Web Site list.
  8. Select the Control Manager virtual directory from the Default Web Site list and then right-click Properties.
  9. Click the Directory Security tab and then click Edit under Secure communications.

    The Secure Communications window appears.

  10. Select Require secure channel (SSL) and Require 128-bit encryption.
  11. Click OK to close the Secure Communications window.
  12. Click OK to apply changes and go back to the Default Web Site list.

    The next time you access the web console using HTTP, the following message appears:

    You must view this page over a secure channel.