Get Free Trial
  1. API reference
Connecting to Data Source
  1. Supported data sources
  2. Connecting to other data sources
Configuring the component
  • Documentation for older versions
  • Table of contents

    SSAS - Configuring a secure HTTPS connection

    Overview

    All data that is sent by HTTP is not encrypted and can be inspected. For this reason, we added an option to enable HTTPS for the Accelerator. HTTPS encrypts all data that is sent from the client to the Accelerator and vice versa. Follow these steps to configure a secure HTTPS connection for your setup.

    Requirements

    • Flexmonster Pivot version 2.206 or higher
    • Microsoft Analysis Services installed and configured
    • Microsoft .NET Framework 4 or higher
    • A valid and trusted SSL certificate

    Step 1. Import the certificate to the certificate store

    Skip this step if you have already imported the certificate to your machine’s certificate store. Otherwise, open Windows PowerShell and run the following command:

    Import-PfxCertificate -FilePath <cert.pfx> -CertStoreLocation Cert:\LocalMachine\My

    Where:

    • <cert.pfx> – the path to your certificate. We recommend using PFX certificates.

    Learn more about the Import-PfxCertificate command.

    Once the certificate is imported, you should see the following message in the console:

    Thumbprint             Subject
    ----------             -------
    XXXXXXXXXXXXXXXXXXXXX  CN=example.com

    Notice Thumbprint — it is your certificate’s SHA-1 hash represented as a hex string. You will need it in the next step.

    Step 2. Register the server certificate

    On an elevated console (“Run as administrator”), register the server certificate by running this command:

    netsh http add sslcert ipport=0.0.0.0:<port> certhash=<certHash> appid=<app-guid>
    

    Where:

    • <port> – the listening port (50005 by default). The IP address 0.0.0.0 matches any IP address for the local machine. Ensure that the port you specify in the <port> parameter is not being used by other servers. Remember to set the same port as the PORT parameter in flexmonster.config.
    • <certHash> – the certificate’s SHA-1 hash represented as a hex string. It is the same as your certificate’s thumbprint from the previous step. Verify that the <certHash> you specify in this command matches the hash of your certificate file.
    • <app-guid> – specify a random GUID used to identify the owning application. Format the GUID like this: {00000000-0000-0000-0000-000000000000}.
      If using Windows PowerShell, the GUID should be additionally enclosed in single quotes as follows:
      netsh http add sslcert ipport=0.0.0.0:443 certhash=XXX appid='{YYY}'

    If any errors occur, verify that the SSL certificate is properly installed in the personal store and has an assigned private key. To see all installed SSL certificates, use this command:

    netsh http show sslcert
    

    Step 3. Enable HTTPS in Flexmonster Accelerator

    After you have registered the certificate, enable HTTPS in the Accelerator’s config. Open flexmonster.config and modify/add the HTTPS parameter:

    HTTPS=true
    

    Available values for the HTTPS parameter are true or false. By default HTTPS is disabled (false).

    Flexmonster Accelerator is now ready to be launched. Just run flexmonster-proxy-ssas.exe with administrator privileges.

    You can check if the Accelerator is up and running by navigating to its URL in the browser (https://localhost:50005 by default).

    Step 4. Configure Flexmonster Pivot

    Now it’s time to configure the client – Flexmonster Pivot Table & Charts. Let’s create a minimal configuration using the JavaScript API (replace proxyUrl, catalog, and cube parameters with your specific values):

    var pivot = new Flexmonster({ 
    container: "pivotContainer",
    toolbar: true,
    report: {
    dataSource: {
    type: "microsoft analysis services",
    proxyUrl: "https://localhost:50005",
    catalog: "Adventure Works DW Standard Edition",
    cube: "Adventure Works",
    binary: true
    }
    }
    });

    Note that proxyUrl now uses https://. That means that the data is protected and encrypted with your SSL certificate.

    What’s next?

    You may be interested in the following articles: