Skip to main content
Skip table of contents

DPE and HTTPS


Minimum software versions required for HTTPS

Component
Minimum Version
DPE Server1.7.193
  • A DPE Server supports HTTPS or HTTP, but not both
  • Silverlight Admin pages do not work currently

Create a self-signed certificate on the DPE Server machine

Note: This is not needed in a productive environment, only for testing. Use an officially signed certificate in productive environments.

Step
Description
1

Open IIS Management, select machine and double-click on Server Certificates:

2

Click on Create self-signed certificate:

3

Enter a name for your certificate and choose a storage (Personal or Webhosting).

The key difference between Web Hosting store and Personal store is that Web Hosting store is designed to scale to higher numbers of certificates.

Enable HTTPS for the DPE Server web site

Step
Description
1

Open IIS Management and click Bindings for your web site:

2

Add a binding for HTTPS and select your certificate:

Adapt web.config for DPE web services (WCF/SOAP)




Add a security tag for the default basicHttpBinding:

XML 
<basicHttpBinding>
    <binding maxReceivedMessageSize="2147483647" maxBufferPoolSize="2147483647" >
        <readerQuotas maxArrayLength="2147483647" maxStringContentLength="2147483647"/>
        <security mode="Transport">
            <transport clientCredentialType="None" />
        </security>
    </binding>
</basicHttpBinding>

instead of

XML 
<basicHttpBinding>
    <binding maxReceivedMessageSize="2147483647" maxBufferPoolSize="2147483647" >
        <readerQuotas maxArrayLength="2147483647" maxStringContentLength="2147483647"/>
        <!--
        <security mode="Transport">
            <transport clientCredentialType="None" />
        </security>
		-->
    </binding>
</basicHttpBinding>

Adapt web.config for DPE web services (WCF/REST)




Add a security tag for the default webHttpBinding:

XML 
<webHttpBinding>
    <binding name="">                   <!-- default config -->
        <security mode="Transport" />   <!-- enable SSL for HTTPS -->
    </binding>

instead of

XML 
<webHttpBinding>
    <binding name="">                   <!-- default config -->
		<!--
        <security mode="Transport" />   
		-->
    </binding>


Adapt httpGetEnable / httpsGetEnabled in web.config




In case of HTTPS the option httpGetEnabled must be set to "false"

XML 
      <serviceBehaviors>
        <behavior name="ServiceBehavior">
          <dataContractSerializer maxItemsInObjectGraph="2147483647"/>
          <!--  To avoid disclosing metadata information, 
                 set the value below to false and remove the metadata endpoint above before deployment  -->
          <serviceMetadata httpsGetEnabled="False" httpGetEnabled="False"/>
          <!--  To receive exception details in faults for debugging purposes, 
                 set the value below to true.  Set to false before deployment 
                 to avoid disclosing exception information  -->
          <serviceDebug includeExceptionDetailInFaults="True"/>
          <serviceAuthorization serviceAuthorizationManagerType="David.Dpe.DpeFramework.ServiceModel.BasicAuthServiceAuthorizationManager, David.Dpe.DpeFramework"/>
        </behavior>
      </serviceBehaviors>

instead of

XML 
      <serviceBehaviors>
        <behavior name="ServiceBehavior">
          <dataContractSerializer maxItemsInObjectGraph="2147483647"/>
          <!--  To avoid disclosing metadata information, 
                 set the value below to false and remove the metadata endpoint above before deployment  -->
          <serviceMetadata httpsGetEnabled="False" httpGetEnabled="True"/>
          <!--  To receive exception details in faults for debugging purposes, 
                 set the value below to true.  Set to false before deployment 
                 to avoid disclosing exception information  -->
          <serviceDebug includeExceptionDetailInFaults="True"/>
          <serviceAuthorization serviceAuthorizationManagerType="David.Dpe.DpeFramework.ServiceModel.BasicAuthServiceAuthorizationManager, David.Dpe.DpeFramework"/>
        </behavior>
      </serviceBehaviors>


FAQ

Id
Question
Answer
1The browser shows a name mismatch error?https://www.digicert.com/ssl-support/certificate-name-mismatch-error.htm
2Can I use the same certificate for different servers?There are different types of certificates. Some are signed for a single dedicated server name. Some can be used for multiple names.
3Can I sign a certificate for a DNS name and use it for whatever physical machine is mapped to this name?
TODO I hope so, but we have to learn more...
4What is the difference between Personal or Webhosting storage?The key difference between Web Hosting store and Personal store is that Web Hosting store is designed to scale to higher numbers of certificates.
5Which types of certificates exist?https://support.dnsimple.com/articles/ssl-certificates/#traditional-singlename
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close