If you intend to let users only access
Silk Central through secured connections (SSL), enable
Silk Central to use Secure Sockets Layer (SSL).
-
Copy your certificate and key files to the front-end server computer.
-
Open the file
nginx.conf.template in
C:\ProgramData\SilkCentral\InstanceAdministration\nginx\conf with a text editor.
-
Uncomment the following lines by removing the #:
#listen 443 ssl;
#ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
#ssl_certificate "C:/.../ssl/host.cert";
#ssl_certificate_key "C:/.../ssl/host.key";
#add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
-
Set the path for
ssl_certificate and
ssl_certificate_key to where you copied your certificate and key files. Specify the path using slashes instead of backslashes.
-
If you want to allow only SSL connections, comment the line
listen 19120; by adding a #.
-
Optional: To configure a redirection from the non-secure port to the secure one, add a new
server section with the following syntax:
server {
listen <non-secure port>;
server_name localhost;
return 301 https://$host$request_uri;
}
-
To apply your changes:
-
Open a browser window.
-
Type
localhost:19100 into the address bar.
-
Stop and restart one of the
Silk Central instances.