Enable HTTPS between IIS and CIC

Tip: Best practice is to use HTTPS from CIC to IIS and from IIS to the web browser, or from IIS to the web browser only. Securing traffic from IIS to CIC only can cause issues with Secure cookies.

Complete the following tasks to encrypt the connection between the web server and the CIC server. Ensure that you complete the steps to Enable HTTPS between the web browser and IIS first.

Step 1: Change inbound rule to use HTTPS

To change the inbound rule to use HTTPS

1. On your web server, open IIS Manager and then expand Sites.

2. Select your web site (for example, ININApps).

3. Double-click the URL Rewrite module.

4. Open the Inbound Rule inin-api-rewrite.

5. In the Rewrite URL field, change the Rewrite URLto use HTTPS:

   1. Change the protocol to https.

   2. Change the port to 8019.

6. In the Actions pane, click Apply.

Step 2: Trust the CIC server HTTPS certificate

Note: If the Servername_Certificate.cer file has a Certificate Chain, then you must trust all the certificates in the Chain. Check to see if Issued To and Issued By are different names. If you do not trust all the certificates in the chain, the certificate can't be validated and the SSL handshake will fail. Repeat this task for each Session Manager device in your environment (including both CIC Servers and any Off-Server Session Managers.)

To trust the CIC server HTTPS certificate

1. Locate the HTTPS certificate on your CIC server. The default location is \I3\IC\Certificates\HTTPS.

2. Copy Servername_Certificate.cer to your web server.

3. On your web server, locate the copied HTTPS certificate and then double-click the certificate.

4. Click Install Certificate.

5. Select Local machine and then click Next.

6. Select Place all certificates in the following store.

7. To choose the certificate store, click Browse and select Trusted Root Certification Authorities.

8. Click OK.

9. Click Next.

10. Click Finish.