StifleR
2.6
2.6
  • Start Here - StifleR 2.6
  • StifleR 2.6.x.x
    • StifleR - Release Notes
    • What's New
    • QuickStart Guide
      • Installation
        • Manual Server Installation
        • StifleR Client Installation
        • StifleR Network Locations
        • Example StifleR Rules Definition
    • Planning & Deployment Guide
      • TL;DR version
      • StifleR Overview
        • The StifleR Solution
      • Features Overview
        • Other Features
      • Technical Overview
        • StifleR Standard Features
        • StifleR Enterprise Features
      • Planning Your StifleR Implementation
        • Firewall Ports
        • Supported Clients
        • Networks in StifleR
        • Permissions
      • Installation
        • StifleR Server Installation
        • Dashboards, Client and Beacon Server Installation
        • Post Installation Checks
        • Testing Quick Start Guide
      • Troubleshooting
        • BranchCache across Subnets
      • StifleR Generic Concepts
        • Red Leader
        • Enterprise Environment - Blue Leader
      • Bandwidth Management
        • Bandwidth Tuning Monitoring and Control
      • StifleR WMI Provider
      • StifleR Feature Details
        • StifleR Enterprise Edition Features
      • Further Reading
    • StifleR Operations
      • Maintenance tasks
      • Backup and Recovery
        • Moving the StifleR Server Databases to a New Drive on the Same Server
    • StifleRulez.xml Configuration Guide
      • The Match – TypeData
        • When the Job Title Isn’t Suitable
        • ConfigMgr Specific Rules
      • The Setting - DownloadTypes
        • Delivery Optimization Jobs
      • Sample StifleRulez.xml
    • Securing StifleR Operations with SSL
      • Pre-Requisites
      • Securing the StifleR SignalR Endpoint
        • Binding certificates to SSL Ports for SignalR/StifleR
      • Running SignalR with SSL
      • IIS Configuration
      • Appendix A: Certificates
        • Using IIS to create a self-signed Certificate
        • Using a full IIS Certificate
      • Appendix B:Finding the CertHash
Powered by GitBook
On this page
  • Introduction
  • Microsoft Configuration Manager and SSL
  • What exactly do we need to secure?
Export as PDF
  1. StifleR 2.6.x.x

Securing StifleR Operations with SSL

PreviousSample StifleRulez.xmlNextPre-Requisites

Last updated 2 years ago

Introduction

This is a companion document to the StifleR Planning and Deployment Guide. It details the steps required to secure 2Pint Software StifleR components using SSL.

Securing StifleR is pretty straightforward, but as with anything involving Microsoft Security and Certificates, you need to get it exactly right or it just won’t play ball.

This document is intended to provide some details around this configuration and hopefully a more coherent description of setting up a certificate for self-hosting SignalR, the communication platform upon which StifleR is built.

Microsoft Configuration Manager and SSL

If you are using Microsoft System Center Configuration Manager (SCCM) and are interested in securing StifleR then it is likely that you have already secured SCCM. In this case your job is easier as you can reuse the Certificates that you have already put in place for SCCM.

What exactly do we need to secure?

A couple of areas of concern:-

The SignalR Endpoints (the StifleR Service that the Clients talk to), and the Web API which is used by the dashboards and/or scripts. See for more info

Ports - By default, the StifleR Service listens on Port 1414 and the Dashboards on 9000. Certificates should be bound to these Ports in order to enable secure communication over these channels. See Running StifleR with SSL

Securing the StifleR Endpoint