Using SSL/TLS


Introduction

Izenda supports and strongly recommends the use of SSL/TLS to secure traffic between the Front-end, Backend (API) sites. This guides demonstrates how to configure Izenda to us HTTPS.


Steps

  1. Add SSL bindings for the API and Front-end sites. The process for doing this will vary, please consult with your technical staff for assistance.

  2. Update the izenda_config.js (Front-end) to use the new HTTPS binding for the API

    WebApiUrl:”https://localhost/api/

  3. Update the following settings in the IzendaSystemSetting table to use HTTPS.

Note

The values below are examples, you will need to use values relevant to your particular setup.

Name Value
WebAPIUrl https://localhost:5555/
WebUrl https://localhost:5556/
AuthValidateAccessTokenUrl https://example.com/api/validateAccessToken
AuthGetAccessTokenUrl http://example.com/api/getAccessToken

Common Log Errors

Note

Self-signed & untrusted certificates must be installed on the server hosting the API in order for the Izenda application to “trust” them.

  • The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
  • System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.