It is HIGHLY recommended that all communications between a users browser and the AuthAnvil Password Server be done over a secure socket layer (SSL) connection. To accomplish this, a SSL certificate must be installed on the IIS server where the AuthAnvil Password Server resides.
We recommend using a trusted public CA such as Verisign, Inc to obtain the certificate. This solution is particularly good if you want to enable secure communications for authentication agents over the public Internet, where your AuthAnvil Password Server will be exposed publicly.
To enable SSL for the AuthAnvil Password Server website after you have a certificate installed in IIS, follow these steps:
- Launch the IIS Manager, and expand Sites.
- Click on the website where the AuthAnvil Password Server is installed and click Bindings under the actions menu.
- Click Add
- Change the type from http to https, set your IP address and port, and chose a certificate from the SSL certificate dropdown menu.
- Click OK and then Close to apply the binding.
- Now test if secure communications with SSL are working by attempting to connect to the AuthAnvil Password Server website (https://passwordserver.yourdomain.com/aaps), and making sure that you can successfully connect with no certificate errors.
To re-configure the Password Server Service URL please see this article.
If you have any questions or need some help, we would be happy to assist. Open a case atkaseya.zendesk.com.