Configure LiveCompare to run using HTTPS/SSL

HTTPS is a secure communications channel that uses Secure Sockets Layer (SSL). We recommend that LiveCompare is set up to run in this configuration. To configure LiveCompare to run using HTTPS/SSL, carry the following steps:

Configure your web server for HTTPS/SSL

To enable SSL in IIS on the LiveCompare server, you must first obtain and install a certificate that is used to encrypt and decrypt the information that is transferred over the network. This can be done as follows. Note that the steps in this section should be skipped if you have already obtained and installed a certificate for your LiveCompare server.

Obtain a certificate

To obtain an SSL certificate, carry out the following steps.

  1. Start Internet Information Services Manager, and select the server in the Connections pane.

Internet Information Services (IIS) Manager.

  1. Double-click ‘Server Certificates’ in the IIS section of the server home page.

Internet Information Services (IIS) Manager - Server Certificates.

  1. Click ‘Create Certificate Request…’ in the Actions pane. The following dialog is displayed.

Request Certificate diialog.

  1. Complete the dialog fields as follows:
Field Description
Common name The fully qualified domain name (for example, www.yourdomain.com).
Organization Your company’s registered name.
Organizational unit Your department name.
City/locality The city where your company is legally located.
State/province The state or province where your company is legally located.
Country/region The country or region where your company is located.
  1. Click ‘Next’ to display the following dialog screen.

Request Certificate diialog.

  1. Complete the dialog fields as follows:
Field Description
Cryptographic service provider Select ‘Microsoft RSA SChannel Cryptographic Provider’ (unless you have a specific cryptographic provider).
Bit length Select 2048 (unless you have a specific reason for using a larger bit length).
  1. Click ‘Next’ to display the following dialog screen.

Request Certificate diialog.

  1. Click Browse button. and specify the directory location and filename for the certificate signing request. The filename should have a .txt extension, for example, csr.txt.

Request Certificate diialog.

  1. Click ‘Finish’ and use the certificate request to obtain a certificate from a signing authority.

Install the certificate

Once you have obtained a certificate, carry out the following steps to install it on the server on which the certificate signing request file was created.

  1. Start Internet Information Services Manager, select the server in the Connections pane, and double-click ‘Server Certificates’ in the IIS section of the server home page.

Internet Information Services (IIS) Manager - Server Certificates.

  1. Click ‘Complete Certificate Request…’ in the Actions pane. The following dialog is displayed.

Complete Certificate Request diialog.

  1. Complete the dialog fields as follows:
Field Description
File name containing the certification authority’s response Click Browse button. and browse for the certificate file provided by the certificate provider.
Friendly name Enter a descriptive name used to identify the certificate, for example, yourdomain.com.
  1. Click ‘OK’ to install the certificate.

Create an HTTPS binding

To create an HTTPS binding and assign the certificate to the binding, carry out the following steps.

  1. In the Connections pane, select the web site that hosts the LiveCompare application, for example, ‘Default Web Site’.

  2. Click ‘Bindings…’ in the Actions pane. The following dialog is displayed.

Site Bindings dialog.

  1. Click ‘Add’. The following dialog is displayed.

Add Site Binding dialog.

  1. Select https in the Type dropdown list. The screen changes to the following.

Add Site Binding dialog.

  1. Complete the dialog fields as follows:

Field What to do
IP address Select ‘All unassigned’. However if your server has multiple IP address, select the one that applies.
Port Enter 443 unless you are using a non-standard port for SSL traffic.
Host name If you are using Server Name Indication (SNI), enter the host name that you are securing.
Require Server Name Indication If you are using Server Name Indication (SNI), select this check box.
SSL certificate Select the installed SSL certificate from the dropdown list.

  1. Click ‘OK’ to save your changes, and then close the Site Bindings dialog.

Configure the LiveCompare web site to use HTTPS/SSL

To configure the LiveCompare web site to use HTTPS/SSL, carry out the following steps.

  1. In the Connections pane, expand the Sites folder and select the site you wish to secure using the SSL certificate.

Internet Information Services (IIS) Manager - LiveCompare.

  1. Double-click ‘SSL Settings’ in the IIS section of the server home page.

Internet Information Services (IIS) Manager - SSL Settings.

  1. Select the ‘Require SSL’ check box, and then select ‘Ignore’ to allow users to connect to the LiveCompare web site without supplying their own certificate.
  2. Click ‘Apply’ to save your changes.

Create secure session cookies

To set the secure attribute on the ASP.NET_SessionId cookie, carry out the following steps:

  1. Edit the <LiveCompare install dir>\web\apps\Web.config file using a text editor.
  2. Change the line which reads:

<httpCookies httpOnlyCookies="true" requireSSL="true" />

to:

<httpCookies httpOnlyCookies="true" requireSSL="true" />

Configure LiveCompare to use single sign-on