Middle Tier Security Certificates
To securely access the Middle Tier from outside your network (e.g. from home), additional steps are required.
- You must purchase an SSL certificate from a certificate authority, import the certificate to your server, then set up https.
- You need to forward port 443 on your router to your Middle Tier server.
- You need to be very careful about security.
Note: If only accessing your Middle Tier service within your office or within your VPN, these steps are not needed.
Set Up Security Certificates
- Purchase and download a security certificate from a certificate authority such as Godaddy. The certificate must be in .pfx format and must be created with the following purpose: "ensure the identity of a remote computer over HTTPS".
- Go to Control Panel, Administrator Tools, IIS Manager.
- In the left-hand pane, left-click the top-most item in the tree view.
- In the middle-pane, select Server Certificates.
- In the right-hand pane, click Import.
- Browse for the .pfx file. Type in your password for the .pfx file. Ensure that 'Allow this certificate to be exported' is checked. Click OK.
Make note of the exact Issued To name. You will use this name in the URL when attempting to connect to the Middle Tier.
- Go back to the IIS Manager main screen. In the left-pane, left-click on the web site, usually called Default Web Site.
- In the right-hand pane, click Bindings...
- Click Add...
- Set Type to 'https', then select the SSL certificate imported in step 6. Click OK, then click Close.
IMPORTANT: When attempting to connect the Middle Tier, you must use the name the certificate was Issued To, and the URL must begin with 'https'. For example, if the certificate was issued to derek.abc.com, the Choose Database window should look like this when attempting to connect to the Middle Tier: