Changing the Hypertext Transfer Protocol

In this topic:

About Hypertext Transfer Protocol

Changing transport protocol from HTTP to HTTPS

Changing transport protocol from HTTPS to HTTP

Creating a self-signed SSL Certificate

About Hypertext Transfer Protocol

Hypertext Transfer Protocol is the protocol used to allow communication with Web sites. Standard HTTP is an insecure transfer protocol which is vulnerable to outside influences, while HTTPS allows a secure transfer protocol using a SSL Certificate to encrypt the online data. The HTTPS protocol provides encryption to ensure secure connections and transmission of data from a web server to a browser. If data on the Web site is confidential or to prevent undesired outside influences, HTTPS should be used.

SSL (Secure Sockets Layer) Certificates are files that contain a cryptographic key. When installed on a web server, it activates the gold padlock in the browser and the HTTPS protocol (over port 443).

During REST Support installation, the administrator was asked to select the level of access:

  • Typical: provides access through standard HTTP without using an SSL certificate
  • Self Signed: provides access through HTTPS and creates a self-signed certificate that expires in one year. If Self Signed was selected, a self-signed SSL Certificate has been created for the server where REST Support is installed. The certificate is unique for each machine where installed. A self-signed certificate will generate a security alert message unless the REST client "trusts" the self-signed certificate.  

 In the event that the administrator elects to change the access from HTTP to HTTPS or vice versa, instructions are provided below.

Changing Transport Protocol from HTTP to HTTPS

To configure the server to use HTTPS:

  1. In the REST Support installation folder (default folder C:\Program Files\DataCore\Rest), edit the Web.config file.

    In the <system.serviceModel> section under <bindings>, change the following line from from  <httpTransport to <httpsTransport:  

  2. In Internet Information Services (IIS) Manager, for the Default Web Site, click to Edit SiteBindings... in the Actions menu.

  3. In the Site Bindings dialog box, click Add... to open the Add Site Binding dialog box.
  4. In the Type box, select https. In the SSL certificate box, select the certificate that should be bound to the REST server Web site. The certificate will be the name of the REST Server.  If the certificate does not exist, see Creating a Self-signed SSL Certificate to create it.
  5. Click OK.  The server certificate and expiration date can be viewed by clicking Server Certificates from the Home Page.

  6. If using Windows PowerShell cmdlets, run the Configure-RestCertificate.ps1 script file from the PowerShell window. The script file is included in the REST Support installation folder.  

  7. If necessary, enable a setting on the REST client in order to allow the REST client to "trust" a self-signed certificate.

Changing Transport Protocol from HTTPS to HTTP

To configure the server to use HTTP:

  1. In the REST Support installation folder (default folder C:\Program Files\DataCore\Rest), edit the Web.config file.
  2. In the <system.serviceModel> section under <bindings>, edit the following line from <httpsTransport to <httpTransport:  

Creating a Self-Signed SSL Certificate

During the installation of DataCore REST Support, if the Self Signed option was selected, a self-signed SSL Certificate was created for the server where REST Support is installed. That certificate expires in one year. Another self-signed certificate can be created by the administrator to replace an expiring certificate.

Note: Instructions are provided for Windows Server 2012 R2. For more information about creating a Self-signed SSL Certificate or binding the certificate, refer to Microsoft documentation.

To create:

  1. On the REST server, open Internet Information Services (IIS) Manager and click Server Certificates from the Home page.  

  2. From the Actions pane, click Create Self-Signed Certificate.

  3. Specify a name for the certificate. Select Web Hosting as the certificate store.  

  4. Check that it is in the list of the certificates. Also, Issued to is the address that should be specified in the REST URI requests.

  5. Add a binding for the certificate to the web site. Instructions are in the Changing transport protocol from HTTP to HTTPS section above.