March 2, 2022
This post is an update to a previous blog about SSL/TLS certificates and has been updated to reflect the most current capabilities and UI of Curator.
If your Curator portal is available to the World Wide Web, we highly recommend setting up encryption for the connection between your users and Curator itself. It’s like having a luxury Italian sports car but leaving the doors unlocked in a seedy area with the keys in plain view—something is bound to be stolen. Even if Curator is tucked behind a nice firewall, setting up an encrypted connection isn’t a bad idea.
The one thing to consider here is that if your Curator portal sits behind some sort of network device, such as a reverse proxy or load balancer, you may need to terminate the encrypted connection there instead of Curator itself (see the documentation for configuring Curator behind proxies). The other option is to configure that network device to allow encrypted traffic through to Curator unharmed, so Curator is the one that handles terminating the SSL/TLS connection.
If the encrypted connection is not terminated on a load balancer or reverse proxy, you will need to set up SSL/TLS on the Curator server. To do so, you’ll need to have an SSL/TLS certificate file and a private key file. These are usually generated by your own IT department. Be sure they include Subject Alternative Names when they are generated.
This is a broad outline to give you an idea of what will need to take place. The online documentation has the detailed instructions on how to carry out each of these steps:
Please note that these steps are specific to Windows servers using the Apache HTTPD web server. Contact us if you need help configuring IIS to support SSL/TLS.
Here is a broad outline of what will need to take place. Again, the online documentation contains the detailed instructions on how to perform each of these steps: