StifleR
2.6
2.6
  • Start Here - StifleR 2.6
  • StifleR 2.6.x.x
    • StifleR - Release Notes
    • What's New
    • QuickStart Guide
      • Installation
        • Manual Server Installation
        • StifleR Client Installation
        • StifleR Network Locations
        • Example StifleR Rules Definition
    • Planning & Deployment Guide
      • TL;DR version
      • StifleR Overview
        • The StifleR Solution
      • Features Overview
        • Other Features
      • Technical Overview
        • StifleR Standard Features
        • StifleR Enterprise Features
      • Planning Your StifleR Implementation
        • Firewall Ports
        • Supported Clients
        • Networks in StifleR
        • Permissions
      • Installation
        • StifleR Server Installation
        • Dashboards, Client and Beacon Server Installation
        • Post Installation Checks
        • Testing Quick Start Guide
      • Troubleshooting
        • BranchCache across Subnets
      • StifleR Generic Concepts
        • Red Leader
        • Enterprise Environment - Blue Leader
      • Bandwidth Management
        • Bandwidth Tuning Monitoring and Control
      • StifleR WMI Provider
      • StifleR Feature Details
        • StifleR Enterprise Edition Features
      • Further Reading
    • StifleR Operations
      • Maintenance tasks
      • Backup and Recovery
        • Moving the StifleR Server Databases to a New Drive on the Same Server
    • StifleRulez.xml Configuration Guide
      • The Match – TypeData
        • When the Job Title Isn’t Suitable
        • ConfigMgr Specific Rules
      • The Setting - DownloadTypes
        • Delivery Optimization Jobs
      • Sample StifleRulez.xml
    • Securing StifleR Operations with SSL
      • Pre-Requisites
      • Securing the StifleR SignalR Endpoint
        • Binding certificates to SSL Ports for SignalR/StifleR
      • Running SignalR with SSL
      • IIS Configuration
      • Appendix A: Certificates
        • Using IIS to create a self-signed Certificate
        • Using a full IIS Certificate
      • Appendix B:Finding the CertHash
Powered by GitBook
On this page
  • Clients
  • SignalR Dashboard URL Configuration
  • StifleR Service Endpoint
Export as PDF
  1. StifleR 2.6.x.x
  2. Securing StifleR Operations with SSL

Running SignalR with SSL

With the certificate installed, switching SignalR to start with SSL is as easy as changing the startup URL on both the clients AND StifleR Server, and configuring IIS for secure Dashboard access.

Clients

On new and existing StifleR Clients, setting the SSL info is performed within the StifleR.ClientApp.config file which resides in the StifleR Client installation folder:

<add key="StiflerServers" value="https://SERVER.2PSTEST1.LOCAL:1414”/>

SignalR Dashboard URL Configuration

To configure the Web Page which will consume the SignalR service change the script URL that loads up the SignalR client library for the Dshboards or connections in your app.js file ( \Installation Path\StifleR\Dashboards\App\App.js) as follows:

app.value('backendServerUrl', 'https://2PINT.2PINT.LOCAL:1414');
app.constant('backendLocationServerUrl', 'https://2PINT.2PINT.LOCAL:9000/api');

where the URL strings are the local machine name to which the certificate is registered.

As with all certificates make sure that the domain name exactly matches the certificate's name. For local machines this means that you cannot use localhost or the NetBiosName (as it will be by default). Don't use your IP address either! - Use only the name to which the certificate is assigned.

StifleR Service Endpoint

You'll also need to assign the Dashboards URL to your SSL URL as part of the SignalR startup routine that is used internally in the Stifler Server Service:

<add key="ListenToUrl" value="https://*:1414/" />
<add key="LocationWSListenToUrl" value="https://*:9000/"/>

This binds SignalR to the all IP addresses on Port 1414. You can also specify a specific IP address, but using * is more portable especially if you set the value as part of a shared configuration file.

PreviousBinding certificates to SSL Ports for SignalR/StifleRNextIIS Configuration

Last updated 2 years ago