Secure Communication on AxTraxPro Web

Secure Communication on AxTraxPro Web

This article will take you with the steps requires to allow secure communication using SSL to AxTraxPro web-client, this article utilize the OpenSSL Project cryptography, you you already have a valid certification for SSL you can move to step. "To configure your services"

Enabling Secure Communication to AxTraxPro Web Client

Generating an SSL Certificate
To create an SSL certificate for your application on a Windows machine using the command line, you can use OpenSSL to generate a self-signed certificate. This section describes how to generate an SSL certificate and configure AxTraxPro to use it.
To download and install OpenSSL on Windows:
  1. Download OpenSSL from Shining Light Productions:https://slproweb.com/products/Win32OpenSSL.htm
  2. Choose the appropriate version (usually Win64 OpenSSL for 64-bit systems)
  3. Install OpenSSL to a directory of your choice. For example: C:\OpenSSL-Win64

To generate a self-signed SSL certificate:

  1. Run the Command Prompt as an administrator
  2. Navigate to OpenSSL Directory.
  3. Navigate to the OpenSSL bin directory. For example: cd C:\OpenSSL-Win64\bin

To generate a private key and Certificate Signing Request (CSR):

  1. Run the following command to generate a private key
    openssl genrsa -out private.key 2048
  2. Run the following command to generate a CSR using the private key:
    openssl req -new -key private.key -out certificate.csr
  3. Enter the requested organization information. For a self-signed certificate, configure the Common Name to the IP address of your server

To generate the self-signed certificate:

  1.  Run the following command:
    openssl x509 -req -days 365 -in certificate.csr -signkey private.key -out certificate.crt

To convert the certificate and key to PFX format:

  1. Run the following command:
    openssl pkcs12 -export -out certificate.pfx -inkey private.key -in certificate.crt

  2. Type a new password to create a password for the PFX file.

To configure your services:

  1. Move the generated certificate.pfx file to a directory in your project or a secure location on your server
    1. Add the SSL certificate path and password to the following configuration files (default paths):
    2. c:\Program Files (x86)\Rosslare\AxTraxPro WebServer\API\appsettings.json
    3. c:\Program Files (x86)\Rosslare\AxTraxPro WebServer\Identity\appsettings.json
    4. c:\Program Files (x86)\Rosslare\AxTraxPro WebServer\API\ClientApp\dist\environments\environment.json
For example:
{
"UseSSL": "true",
"SSLPath": "C:\\path\\to\\certificate.pfx",
"SSLPass": "your_certificate_password"
}







Adding the SSL Certificate to the Trusted Root Certificate Store in Windows

Perform the following procedure to make sure your self-signed certificate is trusted by your Windows system and browsers, enabling secure HTTPS connections without warnings.

To install the certificate in the Windows Certificate Store:

  1. Open the certificate manager:
    1. Press Win +R.
    2. Type mmc.
    3. Press Enter.
  2. Add the certificates snap-in:
    1. Run the MMC console, click File > Add/Remove Snap-in.
    2. Click Certificates and click Add.
    3. Click Computer account > Local computer > Finish and click OK.
  3. Import the certificate:
    1. In the left pane, expand Certificates > Personal.
    2. Right-click Personal select All Tasks and click Import.[
    3. Follow the wizard to import your .pfx file. Use the password you set during the export.
  4. To add the certificate to the Trusted Root Certification Authorities:
    1. Copy the certificate:
    2. Run the MMC console, navigate to Certificates - Local Computer > Personal > Certificates. Locate your newly imported certificate.
    3. Right-click your certificate, select All Tasks > Export, and follow the wizard to export the certificate as .cer file. Do not export the private key.
  5. Add the Certificate to Trusted Root:
    1. In the left pane, expand Certificates > Trusted Root Certification Authorities > Certificates.
    2. Right-click Certificates, select All Tasks > Import.
    3. Follow the wizard to import the .cer file you just exported.

To verify the certificate installation:

  1. In the MMC console verify that your certificate is listed under both Personal and Trusted Root Certification Authorities.
  2. In your browser navigate to your site. For example: https://10.0.0.10.
  3. If the set up was correct, the site loads without SSL warnings.
now you can restart the AxTraxPro Webserver Service. 

    • Related Articles

    • AxTraxPro 28.1.1.3 and above Web Client access

      On AxTraxPro 28.1.1.3 and above, we introduced a single port management for the Web Clients (Web client and Roles Management Client), This is being managed by a local service on the AxTaxPro server machine named "AxTraxPro Gateway Service." It is ...

    • How to configure AxTraxPro Web Client for remote access

      The Rosslare AxTraxPro™ Web Client software is a web-based software management system intended for the ongoing management of the AxTraxPro™ Server. Operators can access the system from a web browsers for daily tasks. The AxTraxPro access control ...

    • How to set Windows Defender Firewall rule for AC-825IP and AxTraxPro client

      When using AC-825IP panel or when a remote client connection is needed there is a need to allows communication coming on to AxTraxPro Server on the PC Firewall, this article will explain you how to set Firewall rules on Windows Defender. This article ...

    • AxTraxPro Version 28.0.5.2 AC-825IP / AY-K35-S OSDP support

      This Technical Note only apply to AxTraxPro Version 28.0.5.2 Summary: Recently, Rosslare has released the AY-K35-S multi smart secure reader. Following this release, we are provided a SW patch to support the AY-K35-S as any other Rosslare's OSDP ...

    • How to connect AxTraxPro server to remote SQL server

      Before starting this process please make sure that the SQL server meets AxTraxPro server supported SQL servers. Which versions of SQL Server does AxTraxPro support? Preparing for Remote SQL connection: To connect the AxTraxPro server to a remote SQL ...

    Couldn't find what you are looking for?

    Please feel free to contact us:

    NORTH AMERICA & CANADA

    Toll Free: 1 866 632 1101
    Telephone: 1 817 305 0006

    EUROPE

    Telephone: 972 4 9577 183

    LATIN AMERICA

    Telephone:  54 11 4001 3104

    APAC, MIDDLE EAST AND AFRICA

    Telephone: 852 2795 5630

    CHINA

    Telephone: 86 755 8610 6842

    INDIA

    Telephone: 91 20 40147830