help.axcms.netAxinom Logo
Save Save Chapter Send Feedback

AxCMS.net over HTTPS

 

Securing Management System

First of all you should configure IIS to use HTTPS by adding HTTPS binding to your website. Note that you have to have only HTTPS binding for the site - having both HTTP and HTTPS binding usually does not make sense.

After IIS is configured and AxCMS.net login page opens over HTTPS, continue with configuring AxCMS.net to use HTTPS. First, change CMSApplicationHostName in web.config to use https, e.g. https://localhost

Then, change WCF configuration to use HTPPS

  1. Change <serviceMetadata> element:
    <serviceMetadata httpsGetEnabled="true" />
  2. Add          
    <security mode="Transport">
    <transport clientCredentialType="None" proxyCredentialType="None" realm="" />
    </security>
    to <binding name="myServicesBinding"> element
  3. Change <endpoint address="mex"> element to
    <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />

To allow AxCMS.net to render pages, your server root authority certificate has to be saved to AxCMS.net Root Authority.crt file in AxCMSweb root folder:

  1. Run certmgr.msc
  2. Go to Trusted Root Certification Authorities and find authority that matches authority of your server certificate
  3. Export it in DER encoded binary X.509 format to AxCMS.net Root Authority.crt file in AxCMSweb root folder.