Hexagon Geospatial
MENU

WebGIS Q&A

WebGIS enables powerful geospatial web applications and services that securely share your organization’s rich geospatial data, and provides tools to deeply examine spatial data and create value added products, on demand.
Turn on suggestions Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Do you mean 

How to make Consumer Portal working with HTTPS?

by Technical Evangelist ‎11-15-2017 01:37 AM - edited ‎05-24-2018 01:35 AM (1,863 Views)

Question

How can I configure Consumer Portal layout to work under secured (HTTPS) protocol?

Answer

In order to make Consumer Portal work under secured connections there are few additional configuration settings needed.

Background Information

The Consumer Portal is a lightweight client application and thus requires a server backend service to provide necessary data and search services. There are two backend services used:

  • Backend
    Default Application Pool assigned: BackendAppPool
    Location: C:\Program Files\Common Files\Hexagon\Services\AdminInstances\Backend
  • BackendWMPS
    Default Application Pool assigned: BackendWMPSAppPool
    Please see comment below how to properly configure this service...

Those backend services use unsecured HTTP protocol by default and this will cause either mixed-content errors or service unavailable errors (depending on IIS settings) when HTTPS Consumer Portal tries to access them.

Solution

To fix this, make copies of the backend services under the secured web site, or simply make sure that you can access them through HTTPS.

 

This sample request can be used to check if the backend works with HTTPS: https://<server_address>/backend/v2/connection/setcookie

It should respond with a blank page and 200 OK status (e.g. when checking in browser developer console).

 

Please refer to attached screenshot showing a sample configuration.

Additional Constraints

  • In default configuration, OSM tiles will throw mixed-content errors in the console, since they use HTTP protocol. Still, they will display.
    • You can specify different OSM tile server which supports HTTPS in the <ConsumerInstance>\data\Default_OSM.json file, "services" JSON configuration section.
  • Only HTTPS services (WMS/WMTS) can be used in such Consumer portal configuration
  • WMPS won't work as it currently does not support HTTPS
Rate this article:
0 HexPoints
Did you find this article helpful? Yes No
11 Comments (11 New)
Hide Comments
Comments
by
on ‎05-23-2018 10:03 PM

Hi Jan,

 

Would you mind explaining a little bit more?

 

We following your example, but the site still calles search with url such as http://ygaovm05/BackendWMPS/MapService.svc/v1.0/Stateless/GetFeatures

 

We also try to change the search url from http to https but it still doesn't work

 

  "services": [
    {
      "id": "468151e1-3c47-4681-8db3-2d551104cd04",
      "name": "WMPSService",
      "type": "WMPSSearch",
      "url": "https://ygaovm05/BackendWMPS/MapService.svc"
    }
  ],
  "searchables": [
    {
      "id": "02b99838-5c05-4b90-8462-3da6ef3c1cac",
      "name": "ratetype",
      "dataset": "d4b0a432-ecbb-42c7-b5c7-10d30af97c41"
    }
  ]

Appreciate all the help

 

Kind regards

by Technical Evangelist
on ‎05-23-2018 06:12 AM

Hi Bob,

 

I didn't test the BackendWMPS extensively and as pointed in the article, the WMPS service itself doesn't work properly under HTTPS.

BackendWMPS is just a specific variant of WMPS instance. I have seen attempts converting WMPS service to HTTPS and some of them seemed to partially work. Perhaps @fmak gathered some ideas from recent support tickets.

 

You still should be able to utilize the Oracle search alternative / or it is possible to develop your own search backend using Portal SDK.

 

Jan

by Technical Evangelist
on ‎05-24-2018 01:33 AM

Hi guys, I was able to convince WMPS to work under HTTPS protocol by following these steps:

 

1) Create a copy of BackendWMPS folder (to keep original one for HTTP traffic or just as reference). I gave it a name such as 'BackendWMPSSec'
2) Enable Full control to the cache subfolder as permission settings get lost during copy. Use 'IIS AppPool\BackendWMPSAppPool' user for such.
3) Create a new application in IIS pointing to the new folder. You can use the same AppPool - 'BackendWMPSAppPool'.
4) Make sure that Require SSL is checked in IIS on that service.
5) Make web.config changes to convince WMPS to work under HTTPS (see my config attached).
6) Assign a WMPS search to secured Consumer instance and then change service URL in the Consumer's satellite_asset.json to use HTTPS. For example: 

"services": [
{
"id": "43251148-5cfb-4e7b-95dd-902c28fb6d1e",
"name": "WMPSService",
"type": "WMPSSearch",
"url": "https://win2016/BackendWMPS/MapService.svc"
}

7) Both WMPS search and location service should work now.

by
on ‎11-08-2018 04:56 PM

Just a quick note - our local team tried last suggestion and after the change the 'red pin' that has results of search does not show in map. We are still very keen to find a solution as mixing http and https is getting to be harder and harder all the time. Also loose the ability to find user location as that requires site to run under https.

by
on ‎01-10-2019 08:25 AM

Jan,

I am trying to follow your advice on enabling HTTPS for BackendWMPS with a regular 2018 update 1 WMPS to make it work over HTTPS. Using your updated web.config and enabling Require SSL in IIS Manager does result in the WMPS running over HTTPS and it connects fine and displays data on Geospatial Portal but when accessed through Consumer Portal (via HTTP or HTTPS) the HTTPS WMPS layer is not loaded with the message "Layer doesn't support current Coordinate Reference System".

 

This seems odd as it works fine in Geospatial Portal.

I've cleared .NET cache for the WMPS instance but there was no change to the issue.

 

Do you have an idea what could be causing this issue?

 

Thanks,

Colin

Contributors
Users online (152)