Using SSL Transport in Webspace

When using self-signed certificates with Webspace, these steps outline the setup for running in Webspace over HTTPS.

  1. Create your certificate authority and generate the SSL certificate. The commands needed to create CA key and certificate are:
    openssl genrsa -out ca.key 2048
openssl req -sha256 –new –key ca.key -out ca.csr
  2. Create the ca.cfg file with the following content:
    extensions = x509v3
[ x509v3 ]
subjectAltName = email:copy
basicConstraints = CA:true,pathlen:0
nsComment = "GE Vernova CA"
nsCertType = sslCA
  3. Create the CA certificate using command: 
     openssl x509 –req -sha256 –extfile ca.cfg –days 1825 –signkey ca.key –in ca.csr -out ca.crt
  4. Rename ca.cfg to server.cfg.
  5. Remove the basicConstraints line.
  6. Modify nscomment to reflect your Company Name.
  7. Change nsCertType to 'server'.
  8. Create a file to hold certificate serial numbers by running the command:
    echo 01 > ca.serial
  9. Create the server key and certificate signed by the CA using below commands:
    openssl genrsa –out server.key 2048
openssl req -sha256 –new –key server.key –out server.csr 
openssl x509 –req -sha256 –extfile server.cfg –days 1825 –CA ca.crt –CAkey ca.key –CAserial ca.ser
ial –in server.csr –out server.crt
    Note:
    In options common name part is the host name of the server.
  10. Assign the generated server certificate in step Webspace Admin Console on the Options > Security tab.
  11. Restart the Proficy Webspace Application publishing service.
  12. In the IIS manager window, select the host name and then Server Certificates.

  13. In the Server certificates window, click Create Self Signed Certificate.
  14. Select the Default website and Bindings option.

  15. Add a HTTPS binding with the certificate created in the previous step.

  16. Restart the Default website in IIS manager
  17. Confirm that IIS is setup correctly by opening a browser and enter the https://hostname. It should open the IIS default page. This indicates that the https settings in IIS are configured correctly.
  18. Try to connect to an application in the Webspace client. This should start the iFIX or CIMPLICITY application in the Webspace browser window.