You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 6 Next »

You may need to enable SSL on SQL Inventory Manager 2.6 REST service for access over HTTPS with a self signed certificate. Follow the instructions below.  

Using a self-signed certificate

Using a self-signed certificate only works with both IDERA Dashboard and SQL Inventory Manager installed on a local machine.


To Create a new self-signed certificate follow the instructions bellow.

  1. Open a PowerShell window and run the command below.

    New-SelfSignedCertificate -DnsName "<host-name>" -CertStoreLocation "cert:\LocalMachine\My"
  2. Copy the certificate hash the command above returns.

  3. Open CMD as Administrator and run the command below.

    netsh http add sslcert ipport=0.0.0.0:9276 certhash=<certficate-hash> appid= {random-guid} clientcertnegotiation=enable

Using a CA issue certificate

This works both on a local and a remote machine.

Get certificate hash, refer below on how to do this


b. Customer uses CA issued certificate - this will work on both local and remote machine
i. Get certificate hash, refer below on how to do this
https://docs.microsoft.com/en-us/dotnet/framework/wcf/feature-details/how-to-retrieve-the-thumbprint-of-a-certificate
ii. Add binding for newly created certificate with port 9276 (Step 2 in "Steps to add self-signed certificate" section below)


Description

1. With SIM 2.6, we have implemented new features using Sencha JS
2. API (GET and POST) calls are made from Sencha JS (from browser, i.e. client side) to SIM 2.6 Rest service
3. Following are the ways to access SIM application

b. Application over HTTPS (https://<hot-name>:9291)

5. For scenario 3.b to work, we need to enable SSL on SIM 2.6 REST service
6. For enabling SSL on SIM 2.6 REST service,

b. Configuration of SSL certificate for SSL binding added in step 6.a (This will be manual activity which will be done by the customer)

7. For configuration of SSL certificate in step 6.b; below are the two scenarios,
a. Customer uses self-signed certificate - this will work only on local machine

i. Create a new self-signed certificate (Step 1 in "Certificate configuration" section below)
ii. Add binding for newly created certificate with port 9276 (Step 2 in "Certificate configuration" section below)
iii. Trust the certificate once before using application
1) Open below URL in browser
https://nit-lpt-0177:9276/SQLInventoryManager/v3/help
2) Trust the certificate


b. Customer uses CA issued certificate - this will work on both local and remote machine
i. Get certificate hash, refer below on how to do this
https://docs.microsoft.com/en-us/dotnet/framework/wcf/feature-details/how-to-retrieve-the-thumbprint-of-a-certificate
ii. Add binding for newly created certificate with port 9276 (Step 2 in "Steps to add self-signed certificate" section below)



  • No labels