Enabling HTTPS in FotoWeb
First off, you need to configure FotoWeb to use the HTTPS protocol. This is done in the FotoWeb configuration on the Settings tab under Site | Identification
Switch the protocol to https. The port number changes to 443.
Enabling secure communications in IIS 7 - Windows Server 2008
In IIS 7 you should start by installing the server certificate before you set up the https binding to the website:
Creating or installing a server certificate
- Open the IIS Manager and click on the local computer. Then double-click the Server Certificates feature under IIS.
- If you have received a server certificate from a provider, click on Import in the Actions panel to the right.
To create a self-signed certificate, click on Create Self-Signed Certificate... and follow the instructions given.
IMPORTANT: We advise against using a self-signed certificate in a production environment. Obtain a signed certificate by a trusted provider to use TLS in a production environment.
Adding secure communications to the site
- In the IIS Manager, expand the Sites node and right-click on the site you want to modify.
- Select Edit Bindings from the context menu.
- Click on Add and choose https with port number 443.
- Also enter the public host name that the server will be accessed by.
- Finally choose the certificate you want to use for the connection. You can choose the certificate you imported in a previous step or a self-signed certificate.
Redirecting HTTP server requests to HTTPS
After configuring the server to use https, you'll probably want to enforce the use of https for all connections to the server.
This can be done by configuring a permanent url rewrite for all http requests to https.
Secure communications using Apache web server
When configuring https for FotoWeb running on an Apache server, the only allowed port is 443.
Other port numbers are not supported.
When running FotoWeb on the embedded Apache web server, a self-signed certificate is installed during the site setup.
This certificate should not be used for running FotoWeb in a production environment. Instead you must obtain a certificate from a trusted provider and place the certificate file in C:\ProgramData\FotoWare\FotoWeb\Site Settings\YOURSITE\Configuration.
Important: The certificate MUST be called YOURSITE.crt, where YOURSITE is the name of your site.
Certificate chain files
When using the embedded Apache web server, it is possible to use a certificate chain file in addition to your own certificate files.
The certificate chain file has to be called YOURSITE.chain.crt and must be placed in the “Configuration” folder of your site, e.g., C:\ProgramData\FotoWare\FotoWeb\Site Settings\YOURSITE\Configuration, together with your other certificate files.
If you add or remove a certificate chain file for a site, you have to restart FotoWeb for the change to take effect.
Troubleshooting port allocation with Apache web server.
When Apache is used to host FotoWeb both ports 80 and 443 must be availabe to FotoWeb. Learn how to troubleshoot if another application has laid claim to one of these ports.