WebGIS enables powerful geospatial web applications and services that securely share your organization’s rich geospatial data, and provides tools to deeply examine spatial data and create value added products, on demand.
How can I configure Consumer Portal layout to work under secured (HTTPS) protocol?
Answer
In order to make Consumer Portal work under secured connections there are few additional configuration settings needed.
Background Information
The Consumer Portal is a lightweight client application and thus requires a server backend service to provide necessary data and search services. There are two backend services used:
Backend Default Application Pool assigned: BackendAppPool Location: C:\Program Files\Common Files\Hexagon\Services\AdminInstances\Backend
BackendWMPS Default Application Pool assigned: BackendWMPSAppPool Please see comment below how to properly configure this service...
Those backend services use unsecured HTTP protocol by default and this will cause either mixed-content errors or service unavailable errors (depending on IIS settings) when HTTPS Consumer Portal tries to access them.
Solution
To fix this, make copies of the backend services under the secured web site, or simply make sure that you can access them through HTTPS.
This sample request can be used to check if the backend works with HTTPS: https://<server_address>/backend/v2/connection/setcookie
It should respond with a blank page and 200 OK status (e.g. when checking in browser developer console).
Please refer to attached screenshot showing a sample configuration.
Additional Constraints
In default configuration, OSM tiles will throw mixed-content errors in the console, since they use HTTP protocol. Still, they will display.
You can specify different OSM tile server which supports HTTPS in the <ConsumerInstance>\data\Default_OSM.json file, "services" JSON configuration section.
Only HTTPS services (WMS/WMTS) can be used in such Consumer portal configuration
WMPS won't work as it currently does not support HTTPS
I didn't test the BackendWMPS extensively and as pointed in the article, the WMPS service itself doesn't work properly under HTTPS.
BackendWMPS is just a specific variant of WMPS instance. I have seen attempts converting WMPS service to HTTPS and some of them seemed to partially work. Perhaps @fmak gathered some ideas from recent support tickets.
You still should be able to utilize the Oracle search alternative / or it is possible to develop your own search backend using Portal SDK.
Hi guys, I was able to convince WMPS to work under HTTPS protocol by following these steps:
1) Create a copy of BackendWMPS folder (to keep original one for HTTP traffic or just as reference). I gave it a name such as 'BackendWMPSSec' 2) Enable Full control to the cache subfolder as permission settings get lost during copy. Use 'IIS AppPool\BackendWMPSAppPool' user for such. 3) Create a new application in IIS pointing to the new folder. You can use the same AppPool - 'BackendWMPSAppPool'. 4) Make sure that Require SSL is checked in IIS on that service. 5) Make web.config changes to convince WMPS to work under HTTPS (see my config attached). 6) Assign a WMPS search to secured Consumer instance and then change service URL in the Consumer's satellite_asset.json to use HTTPS. For example:
Just a quick note - our local team tried last suggestion and after the change the 'red pin' that has results of search does not show in map. We are still very keen to find a solution as mixing http and https is getting to be harder and harder all the time. Also loose the ability to find user location as that requires site to run under https.
I am trying to follow your advice on enabling HTTPS for BackendWMPS with a regular 2018 update 1 WMPS to make it work over HTTPS. Using your updated web.config and enabling Require SSL in IIS Manager does result in the WMPS running over HTTPS and it connects fine and displays data on Geospatial Portal but when accessed through Consumer Portal (via HTTP or HTTPS) the HTTPS WMPS layer is not loaded with the message "Layer doesn't support current Coordinate Reference System".
This seems odd as it works fine in Geospatial Portal.
I've cleared .NET cache for the WMPS instance but there was no change to the issue.
Do you have an idea what could be causing this issue?