Enable SSL to the Client
To enable SSL between WebApp Secure and the client, do the following:
- In the Web UI, navigate to the application for which you want to enable SSL or switch to the desired application's context.
- Navigate to Configuration > Applications > My App > Proxy/SSL Settings and enable SSL to the backend.
- Upload your SSL certificate and key file.
- Select a listening interface IP address and HTTP and HTTPS
ports,
Note: The combination of port/IP must be unique for the system. If the system is clustered, an IP must be selected for each node.
- When you save the SSL configuration in a deployment containing
multiple appliances, the certificate is propagated from the master
system to all subsequent systems.
Figure 1: Proxy / Backends
 | Warning: To safeguard against inheriting SSL certificates, WepApp Secure does not allow SSL at the global level. Therefore, you must configure an application in order to enable SSL. |
| Warning: Your certificate and key files cannot be password protected. If they are, WebApp Secure will be unable to read them. You can remove passwords on your existing certificate by using the openssl program. For example, openssl rsa -in mykey.pem -out newkey.pem. |
| Note: Certificates must be in valid PEM (Privacy Enhanced Mail) format. You can verify the SSL certificate by using the command, openssl verify <sslcert.crt>. WebApp Secure is only concerned with the validity of the format. openssl verify might allude to other problems with the certificate, but other issues do not come into play when used within WebApp Secure. |
