Setting up HTTPS

By default, communication with the Management Console is not encrypted.
If HTTPS is enabled, the server can enforce secure connections between client and server on an SSL channel.

Prerequisites

  • Kiosk version must be greater than or equal to 4.4.5

  • Must have a certificate on the kiosk system

  • If the private key is encrypted you must create a file that contains the passphrase on the system

  • Note down the file paths for the certificate, private key, and or passphrase file

How to create a self signed certificate (optional)

This is for testing purposes only.
Self signed certificates may have limited functionality due to the nature of self signing.

  • Using linux terminal

    • With Passphrase

      openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem

      images/s/en_GB/7201/e9483755159fbecaf5aef9b1eebd094ee4430d2f/_/images/icons/emoticons/information.png Create your passphrase file and enter your passphrase into it

    • Without Passphrase

      openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -nodes
  • Using git bash

    • With Passphrase

      winpty openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem

      images/s/en_GB/7201/e9483755159fbecaf5aef9b1eebd094ee4430d2f/_/images/icons/emoticons/information.png Create your passphrase file and enter your passphrase into it

    • Without Passphrase

      winpty openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -nodes

Add your certificate to kiosk

  1. After completing the prerequisites you should have a certificate, and private key on the kiosk

  2. From the management console navigate to the Security page

    images/download/attachments/5092344/image2020-8-25_11-3-9.png

  3. Click images/download/attachments/5092344/image2020-8-25_11-4-1.png

  4. Click images/download/attachments/5092344/image2020-8-25_11-6-40.png

  5. Fill the required input fields and click images/download/attachments/5092344/image2020-8-25_11-7-21.png
    images/s/en_GB/7201/e9483755159fbecaf5aef9b1eebd094ee4430d2f/_/images/icons/emoticons/information.png Kiosk will validate these fields and display an error at the top of the screen if an issue is detected. e.g. images/download/attachments/5092344/image2020-8-25_11-8-44.png

  6. Once the Certificate is added successfully click images/download/attachments/5092344/image2020-8-25_11-9-53.png

Enabling HTTPS

  1. From the management console navigate to the Security page

    images/download/attachments/5092344/image2020-8-25_11-0-44.png
  2. Click Enable HTTPS checkbox to select HTTPS

  3. Select the preferred certificate

  4. Choose the preferred TLS settings. (if no options are selected then Kiosk will fall back to default TLS settings)

  5. Click images/download/attachments/5092344/image2020-8-25_11-43-16.png

  6. The Kiosk will restart its internal components and apply the changes selected.
    images/s/en_GB/7201/e9483755159fbecaf5aef9b1eebd094ee4430d2f/_/images/icons/emoticons/information.png This process can take approximately one minute to complete

    images/download/attachments/5092344/enable_https.gif
  7. Once the Kiosk services have restarted a new tab should open that directs to the Kiosk page
    images/s/en_GB/7201/e9483755159fbecaf5aef9b1eebd094ee4430d2f/_/images/icons/emoticons/information.png If the tab does not automatically open then click the hyperlink on the results page to open the new tab.