Skip to main content

End-to-End SSL Configuration

Enable SSL (HTTPS) to fully encrypt communications between end-users, IIS, and all SEI services. By default, the installation secures internal service traffic with IIS, but may not secure connections from user browsers unless you complete these steps.

You may not need full end-to-end SSL for internal-only (intranet) deployments, but it is strongly recommended for external users or security-sensitive environments.

Enable End-to-End SSL

  1. Install all SEI services in Secure Mode.
  2. Open IIS Manager on your server.
  3. Click Server Certificates.
  4. Import your SSL certificate and enter the certificate password if required.
  5. Go to your Web Server site and click Bindings.
  6. Add a new binding:
    • Set the type to https.
    • Use port 443 (the standard HTTPS port) and select your imported certificate.
  7. Remove the existing HTTP binding to prevent unsecured access.
  8. If your deployment uses a custom HTTPS port, change the port of the HTTPS binding to match the value you chose during installation (default is 81).
  9. Open DistributionInstaller.exe.config and find the WebAppURL tag.
  10. Change the WebAppURL value from http to https.
  11. Open your web application's web.config file:
    • C:\Program Files\Nectari\Nectari Server\WebServer\Web.config
    • C:\Program Files\SEI\SEI Server\WebServer\Web.config
  12. Update any SSO configuration or redirect URLs in web.config to use https if applicable.