hpl123 wrote
I use Winacme for all my https certificates and integrates with IIS so it does all of the work for you + the certificates are free (using Let´s Encrypt). Here you can download Winacme: https://www.win-acme.com/ and here are quick steps on how to configure IIS as a reverse proxy with Aware:
- Make sure IIS is setup to work as a reverse proxy (https://docs.microfocus.com/OMi/10.62/Content/OMi/AdminGuide/Hardening/RevProxy_IIS.htm#Configure i.e the application request routing, url rewrite, enable proxy etc. and for this setup you don´t need to do the farm settings things).
- Create a site for your app so say I want to have https://myapp.com/ I create a site for that URL with a local folder in the inetpub wwwroot folder (just create a new folder and add the path in the physical path field) and only create the site with port 80 so don´t do anything related to HTTPS (443 port etc.).
- Point your domain DNS to your server IP and make sure the DNS works (after an hour or so) by visiting your domain and you should then see the IIS welcome page.
- Start Winacme (after having installed it) and there select the "New certificate" option and follow the instructions. Winacme will create a certificate for your domain and also do all of the HTTPS related IIS settings.
- Add reverse proxy rules in the web.config file located in your local folder from step 2. Here is an example I use and you should be able to just copy this entire block of text into the web.config file and if you don´t have a web.config file, create it:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="HTTP to HTTPS redirect" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" appendQueryString="false" />
</rule>
<rule name="ReverseProxyInboundRule1" enabled="true" stopProcessing="true">
<match url="(.*)" />
<action type="Rewrite" url="http://localhost:8080/{R:1}" appendQueryString="true" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
- Test and make sure it works (go to https://myapp.com/AwareIM/loginAdmin.html and log in and test so everything works).
PS: The reverse proxy via IIS has a timeout of 30 seconds so you know that which means if you run longer Aware operations that take more than 30 seconds, IIS close the connection. You can change that in the IIS proxy settings.
Hello hpl123, Thanks for your help.
On the other hand, when I try to configure an SSL certificate for IIS by Winacme, I get this response in their application.
However, as you can see I have a website in IIS so why is it writing that it can't find a website.
In more, I make sure IIS is setup to work as a reverse proxy as you can see.
I also created for the URL with a local folder in the path inetpub/wwwroot as you can see on the screenshot below.
So can you tell me if there's something I'm not doing right. Unfortunately, I can't show more than 3 screenshots per query. So if everything I've done so far is correct, let me know and I'll send you another answer with more screenshots showing how I got my domain's DNS to point. to the IP of my server and also I will show you that I have put the script that you sent me in the web.config file.
Because at the moment it doesn't work, because when I go to my domain name it only says that this site is inaccessible and that it took too long to respond.
In closing, do you think it would be easier to simply add an SSL certificate on the Tomcat server of the Aware IM software.
Thanks for your help.
