After installing AuthAnvil, administrators need to ensure that the authentication attempts are sent securely to the server using SSL. This requires that a SSL certificate is bound to the either the web site or the AuthAnvil virtual directories and web services. There are two methods for accomplishing this.
Note: For security reasons, AuthAnvil requires that there is a trusted third party issued SSL certificate is issued to the accessable name of the machine. For example, to use a machine called server1, which is accessible from the outside as authanvil.scorpionsoft.com as an AuthAnvil server, the SSL certificate that is installed on server1 must be issued to authanvil.scorpionsoft.com.
Use a Publicly Trusted Certificate
1.Purchase a third-party publicly trusted certificate from a trusted authority and bind it to a public address for your domain. This is the easiest solution, as all clients using agents will trust the certificate. It requires no intervention on the client side with the exception of changing the Web Service URL to include https://CertDomain/AuthAnvilSAS/SAS.asmx. After binding the certificate to the site running AuthAnvil in IIS, you will need to map the DNS so that external requests for the site will be passed to the server running AuthAnvil so that external authentication attempts can be made.
2.Run the AuthAnvil Web Config Editor, located by default at (C:\Program Files\Scorpion Software\AuthAnvil\Tools\AAWebConfigEditor.exe), and change the website URLs to reflect both the use of HTTPS rather than HTTP, and the use of the machine name that the SSL certificate is issued to, rather than localhost.
3.Log into AuthAnvil Manager and change the base URL to the friendly name of the certificate. ie: scorpionsoft.com
4.Open the web service from the client using the public address that the certificate uses. ie. https://scorpionsoft.com/AuthAnvilSAS/SAS.asmx. The site should open immediately if everything is in order.
5.Go back into IIS and under Directory Security for the site running AuthAnvil, enforce SSL.
Questions?
If you have any questions or need some help, we would be happy to assist. Open a case at help.scorpionsoft.com or send an email to support@scorpionsoft.com.