Scenario 1 - Encrypted connection between the front-end web server and browser


Initial situation

Intrexx and the front-end web server are installed on the same (physical or virtual) server. In this scenario, an encrypted connection is required (only) between the front-end web server and the browser.
The certificate is added to the front-end web server.

The certificate of the web server including the certificate chain up to the certificate of the root CA is normally stored in the front-end web server. In addition, the private key, which belongs to the public key of the server certificate, is mandatory. The server cannot encrypt without it.

If the server certificate was signed by a private, i.e. not generally known CA, this must be included in the store of trusted CAs on the clients (computers, mobile devices, browsers, apps, etc.). Intermediate certification bodies in the certificate chain should also be included in the repositories provided for this purpose.

More information

Using a reverse proxy

Import certificate in IIS (Internet Information Service)

Step-by-step guide

To import a certificate in the IIS, proceed as follows:

  1. Start IIS.

  2. Select "Server certificates" on the start page.

  3. Click on "Open feature" in the right-hand navigation area.
    You will now be on the overview page for server certificates.

  4. Click on "Import" in the right-hand navigation area.
    The "Import certificate" dialog box is displayed.

  5. Select your certificate file and enter the corresponding password.

  6. Click on "OK".
    You will return to the overview of certificates.
    The imported certificate is displayed.
    You have imported a certificate into the IIS.
    You can now add the certificate to a website in IIS.

Add a certificate to a website in IIS

Initial situation You have already created a website in IIS.

Step-by-step guide

To add a certificate to an existing website in IIS, please proceed as follows:

  1. Start IIS.

  2. Select the website that you would like to add the certificate to.

  3. Click on "Bindings".

    The "Site bindings" dialog box is displayed.

  4. Select the corresponding binding.

  5. Click on "Edit".
    The "Edit site binding" dialog box is displayed.

  6. Select the desired certificate under "SSL certificate".
    You have added a certificate to an existing website in IIS.

Initial situation You create a new website in the IIS.

Step-by-step guide

To add a certificate to a new website in IIS, please proceed as follows:

  1. Start IIS.

  2. Select the "Sites" menu item in the left-hand navigation area.

  3. Click on "Add website" in the right-hand navigation area.
    The "Add website" dialog box appears.

  4. Select the "https" entry in the Type selection field.
    The "SSL certificate" selection field is displayed in the dialog box.

  5. Select the desired certificate under "SSL certificate".
    You have added a certificate to a new website in IIS.

More information

Add website in IIS

Add a certificate in NGINX

The encryption details for NGINX must be stored in the configuration files "portal-intranet.conf" or "portal-internet.conf".
You can find more information about NGINX in Intrexx under the following link: Configure NGINX.
General information on setting up encrypted connections in NGINX can be found under the following links:
NGINX SSL Termination
Configuring HTTPS servers