Enabling SSL on a website requires that an SSL certificate is installed on the web server. An SSL certificate is a small file that the web server uses to prove its identity and establish a trusted connection with the browser that is trying to access Microsoft Dynamics NAV Web client.
When a browser connects to the Microsoft Dynamics NAV Web client, the web server replies by sending its certificate to the browser. This certificate contains the web server's public encryption key and the name of the authority that granted the certificate. The browser verifies the certificate using the authority's public key.
Note You can configure SSL for the Microsoft Dynamics NAV Web client when you install the Microsoft Dynamics NAV Web Server components.
Obtaining an SSL Certificate
In a production environment, you should obtain an SSL certificate from a certification authority. Some large organizations may have their own certification authorities, and other organizations can request a certificate from a third-party organization. In a test environment or development environment, you can create your own self-signed certificate.
To create a self-signed SSL certificate
Open Internet Information Services (IIS) Manager, on the Start menu, choose Administrative Tools, and then choose Internet Information Service (IIS) Manager.
- In the Connections pane, choose the top-level node for the server.
- On the Home page, under IIS, choose Server Certificates, and then in the Actions pane, choose Open Feature.
- On the Server Certificates page, choose Create Self-Signed Certificate.
- In the Specify Friendly Name dialog box, type a brief name for the certificate, and then choose the OK button.
The new certificate appears on the Server Certificate page.
Adding an HTTPS Binding That Uses the Certificate on the Microsoft Dynamics NAV Web Client Site
After you get the certificate, you add a binding to the https protocol on the website. When you add the binding, you associate it with the certificate.
To add an https binding with the certificate to the website
- Open Internet Information Services (IIS) Manager.
- In the Connections pane, expand the Sites node, and then choose the Microsoft Dynamics NAV Web client site to which you want to add the binding.
By default, the site has the name Microsoft Dynamics NAV 2016 Web Client.
- In the Actions pane, choose Bindings.
- In the Site Bindings dialog box, choose Add.
- In the Add Site Binding dialog box, set the Type field to https.
You can use the default port 443 or change it to another port. If you change it to another port, you will have to provide the port number in the URL when you try to open the client.
- Set the SSL certificate field to the certificate that you obtained or created for the site.
- Choose the OK button, and then choose the Close button.
Redirecting HTTP to HTTPS (Optional)
To ensure that users always access the site that is secured with SSL, you can automatically redirect HTTP requests to HTTPS. This means that users do not have to explicitly include https in the URL in the browser.
For example, the nonsecure URL of the Microsoft Dynamics NAV Web client could be
http://mywebclient:8080/DynamicsNAV90/WebClient
The secure URL could be
https://MyWebclient:443/DynamicsNAV90/WebClient
If a user types
http://MyWebclient:8080/DynamicsNAV90/WebClient,
the browser automatically redirects to
https://MyWebclient:443/DynamicsNAV90/WebClient
There are different ways to redirect HTTP requests to HTTPS.
The following procedure describes how to redirect HTTP requests to HTTPS by installing the Microsoft Application Request Routing for IIS 7 and modifying the web.config file for the Microsoft Dynamics NAV Web client.
To redirect HTTP to HTTPS
- Download and install Microsoft Application Request Routing for IIS. You can use one of the following links:
- Microsoft Application Request Routing Version 2 for IIS 7 (x64)
- Microsoft Application Request Routing Version 2 for IIS 7 (x86)
- On the computer that is running Microsoft Dynamics NAV Web Server components, open the web.config file for the web server instance for Microsoft Dynamics NAV Web client. Use a text editor, such as Notepad.
The web.config file is located in the physical path of the web application on IIS. By default, the path is
%systemroot%\inetpub\wwwroot\[VirtualDirectoryName]\WebClient.
For example, the folder for the default Microsoft Dynamics NAV Web client application is
%systemroot%\inetpub\wwwroot\DynamicsNAV90\WebClient.
- In the <system.webServer> element, add the following elements.
<rewrite>
<rules>
<rule name="Redirect to HTTPS">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{SERVER_NAME}/{R:1}" redirectType="SeeOther" />
</rule>
</rules>
</rewrite>
- Save the web.config file.
No comments:
Post a Comment