 |
When upgrading CloudM Migrate, IIS will be reset to its default configuration. You should re-apply any custom configurations you have made to the http://cloudmigrator.local site after an upgrade or reinstallation. Most commonly, this will affect SSL bindings to public facing URLs. |
Additional steps are required to setup HTTPs in IIS when authenticating with Box to use OAuth2.
For older versions of Windows Server, Download and install IIS 6.0 Management Compatibility Components. If not already installed.
Download Internet Information Services (IIS) 6.0 Resource Kit Tools and install SelfSSL 1.0 (if you do a Custom install, you can uncheck everything except for SelfSSL). Windows 2019 does not require this.
Automatically configure using a Powershell Script
The attached Powershell script will automatically create a certificate and HTTPS bindings for cloudmigrator.local. To run the script:
- Download the script onto your primary server.
- Open PowerShell or PowerShell ISE as an administrator on your primary server (right-click More>Run as administrator).
- Navigate to the directory you downloaded the script.
- Run the script by typing '.\BoxCert.ps1' or in ISE by File>Open and run the script with F5 or the green Run Script arrow.
- You can verify that the script has executed successfully by opening IIS and right clicking on 'HOSTNAME/Sites/cloudmigrator.local/Edit Bindings...'. You should see a second entry with type 'https'.
- If the certificate was successfully created but it did not Bind correctly to https port (443), manually go into the IIS Manager and Bind it following the procedure outlined in Step 4 under the "Generate a Self Signed Certificate with the Correct Common Name" section.
 |
If you get an error about the file not being digitally signed then you will need to change the Execution Policy by running Set-ExecutionPolicy -ExecutionPolicy Bypass in Powershell first |
Manually configure
If you cannot use the Powershell script, or prefer to manually configure the setting, please follow the instructions based on a Windows 2008 server on finding the IIS Site ID and generating and adding the Self-Signed certificate below.
IIS Site ID
-
Click 'Start'.
-
In the 'Start Search' box, type 'inetmgr' and press ENTER.
- Double click on your server name to expand.
- Click on 'Sites'.
Make a note of the 'ID' of the site.
Generate a Self Signed Certificate with the Correct Common Name
-
Click 'Start'.
-
In the 'Start Search' box, type 'SelfSSL' and press ENTER.
-
Run the following command /S:2 is the 'ID' of your site in IIS from step 4. /P:443 is the default port for HTTPS.
SelfSSL /N:CN=cloudmigrator.local /V:1000 /S:2 /P:443 /T /K:204
- In IIS right click on 'cloudmigrator.local' and select click 'Edit Bindings...'
- Select 'https' and click 'Edit'
- Select 'https' and click 'Edit'
Add the Self Signed Certificate to Trusted Root Certificate Authorities
-
Click on the Start menu and click Run.
-
Type in mmc and click OK.
-
Click on the File menu and click Add/Remove Snap-in...
-
Double-click on Certificates.
-
Click on Computer Account and click Next.
-
Leave Local Computer selected and click Finish.
-
Expand the Certificates item on the left and expand the Personal folder. Click on the Certificates folder and right-click on 'cloudmigrator.local' and select Copy.
-
Expand the Trusted Root Certification Authorities folder and click the Certificates folder underneath it. Right-click in the white area below the certificates and click Paste.
In the FireFox browser you will get the below screen. Click on 'Add exception' and then 'Confirm Exception'
Comments
0 comments
Please sign in to leave a comment.