All data that is sent by HTTP is not encrypted and can be inspected. For this reason, we added an option to enable HTTPS for the Accelerator. HTTPS encrypts all data that is sent from the client to the Accelerator and vice versa. Follow these steps to configure a secure HTTPS connection for your setup.
Skip this step if you have already imported the certificate to your machine's certificate store. Otherwise, open Windows PowerShell and run the following command:
Import-PfxCertificate -FilePath <cert.pfx> -CertStoreLocation Cert:\LocalMachine\My
Where:
<cert.pfx> - the path to your certificate. We recommend using PFX certificates. Learn more about the Import-PfxCertificate command.
Once the certificate is imported, you should see the following message in the console:
Thumbprint Subject
---------- -------
XXXXXXXXXXXXXXXXXXXXX CN=example.com
Notice Thumbprint — it is your certificate's SHA-1 hash represented as a hex string. You will need it in the next step.
On an elevated console (“Run as administrator”), register the server certificate by running this command:
netsh http add sslcert ipport=0.0.0.0:<port> certhash=<certHash> appid=<app-guid>
Where:
<port> - the listening port (50005 by default). The IP address 0.0.0.0 matches any IP address for the local machine. Ensure that the port you specify in the <port> parameter is not being used by other servers. Remember to set the same port as the PORT parameter in flexmonster.config.<certHash> - the certificate's SHA-1 hash represented as a hex string. It is the same as your certificate's thumbprint from the previous step. Verify that the <certHash> you specify in this command matches the hash of your certificate file.<app-guid> - specify a random GUID used to identify the owning application. Format the GUID like this: {00000000-0000-0000-0000-000000000000}.netsh http add sslcert ipport=0.0.0.0:443 certhash=XXX appid='{YYY}'
If any errors occur, verify that the SSL certificate is properly installed in the personal store and has an assigned private key. To see all installed SSL certificates, use this command:
netsh http show sslcert
After you have registered the certificate, enable HTTPS in the flexmonster.config file. To open this file, go to Flexmonster Accelerator Manager and click the Config button.
In flexmonster.config, modify/add the HTTPS parameter:
HTTPS=true
Available values for the HTTPS parameter are true or false. By default, HTTPS is disabled (false).
To apply new configs, restart the Accelerator using Flexmonster Accelerator Manager: click the Stop button and then click Start.
You can check if the Accelerator is up and running by navigating to its URL in the browser (https://localhost:50005 by default).
Now it’s time to configure the client - Flexmonster Pivot Table & Charts. Let’s create a minimal configuration using the JavaScript API (replace proxyUrl, catalog, and cube parameters with your specific values):
var pivot = new Flexmonster({
container: "pivotContainer",
componentFolder: "node_modules/flexmonster/",
toolbar: true,
report: {
dataSource: {
type: "microsoft analysis services",
proxyUrl: "https://localhost:50005",
catalog: "Adventure Works DW Standard Edition",
cube: "Adventure Works",
binary: true
}
}
});
Note that proxyUrl now uses https://. That means that the data is protected and encrypted with your SSL certificate.
You may be interested in the following articles: