HTTP/HTTPS File Server
MAPS hosts the eLauncher landing page and the Argos Web Viewer on an integrated web server, which can be configured to use either HTTP or HTTPS depending on your institution's needs. Evisions highly recommends using HTTPS, which requires an SSL certificate for the server. Using HTTPS will improve security, as well as allow you to use the eLauncher's single sign-on features. HTTPS is also required in order to use the Argos Web Viewer.
Difference between logging in with HTTP and HTTPS
- With HTTPS, users log in once to the eLauncher. They will not be prompted to log in again to each application, with the exception of IntelleCheck and the MAPS Configuration tool.
- With HTTP, users must log in to each application individually.
- With HTTPS, users can customize the launch page to show just the products that they use. Only MAPS administrators can see the MAPS product tab.
- With HTTP, all users see the same launch page with no customization options.
HTTP Server
By default, the MAPS web server runs on port 8080. When you first install MAPS, only HTTP is enabled, and you access the eLauncher and MAPS Configuration at the default HTTP URL. From the machine where MAPS is installed, this URL looks like http://localhost:8080.
If you plan to allow HTTP access, it is recommended to change the port to port 80. Port 80 is the standard web port for the HTTP protocol. When you open a web browser and type any address beginning with "http://", your browser assumes you wish to use port 80 for communication. If you use any port other than 80 for HTTP, end users will need to specify the port number as well as the server address in order to connect. For example: http://myserver:portnumber
In contrast, if the HTTP server is running on port 80, users do not need to include the port number because the browser automatically uses port 80: http://myserver
HTTPS Server
Check the Use HTTPS Server box to enable Secure HTTP. Evisions highly recommends using the HTTPS protocol to ensure secure communications between your users and the MAP server. The HTTPS protocol is used when logging in to the eLauncher, as well as for Argos Web Viewer if you use Argos (Client application traffic is encrypted with AES regardless of whether using HTTPS or not). HTTPS is required in order to use the Web Viewer because of the risks involved with transmitting unsecured data over plain HTTP.
Note: When configuring HTTPS for the first time, we recommend that you leave the HTTP file server enabled and the Auto elevate HTTP requests to HTTPS option turned off until you verify that you can successfully connect using HTTPS. Otherwise, if there is a problem with your SSL certificate you may not be able to connect to the eLauncher to reopen the Configuration tool. If this happens, you can launch the Configuration executable directly from the installation directory on the server where MAPS is installed, or from a locally downloaded copy.
For 32-bit installations, the configuration application is located here on the server:
C:\Program Files\Evisions\MAPS\Service\Applications\Configuration\[GUID]\[version]
and here in your user folder if you have accessed MAPS config from that machine:
\AppData\Roaming\Evisions\MAPClients\Configuration[version]
For 64-bit installations, the configuration application is located here on the server:
C:\Program Files\Evisions\MAPS\Service\bin64\Applications\Configuration\[GUID]\[version]
and here in your user folder if you have accessed MAPS config from that machine:
\AppData\Roaming\Evisions\MAPClients\bin64\Configuration[version]
Importing SSL Certificates
Click the Set SSL Certificate Files button to open the SSL Settings dialog box.
Use the folder icon to the right of each text box to navigate to the location of your SSL certificate (MyCertificate.crt), key file (MyCertificate.key), and root or intermediate certificate (MyRootCertificate.crt). Click OK when finished.
A certificate which depends on another certificate to establish a chain of trust going back to the root certificate. Certificates obtained from commercial certificate vendors are often intermediate certificates.
Intermediate certificates are also known as chained root certificates.
Note: If you have not implemented SSL and wish to do so, a good place to start is www.openssl.org as you will need to have OpenSSL installed in order to create a private key and generate a certificate request. Once you have done this, you can request a certificate from a Certificate Authority. Details on how to obtain a certificate are described on the Obtaining an Open SSL Certificate page.
After providing the certificates and key you must restart the web server by clicking Stop and then Start under the Web server status.
Auto-Elevation to HTTPS
Once you have confirmed that you can connect using HTTPS, you can check the Auto elevate HTTP requests to HTTPS option if you would like to redirect any users who type "http://" in the address bar to the appropriate HTTPS address. The advantage of auto-elevation is that if you have HTTP disabled, users can still get to the eLauncher even if they forget to type "https://" in the address bar. If HTTP is disabled and auto-elevation is not turned on, the user will see a "page not found" error.
Port Numbers
By default, MAPS uses the following port numbers:
Traffic | Default Port | Encrypted? |
---|---|---|
Launch page (HTTP) | 8080 | No |
Launch page (HTTPS) Argos Web Viewer (HTTPS) |
443 | Yes |
MAPS applications | 27467 | Yes |
FormFusion (nFusion) | 27468 | Yes |
To change either the HTTP or HTTPS port, first stop the web server using the Stop button. Enter the desired port number into the HTTP Port or HTTPS Port box, then click Start to restart the web server. You should see the Web Server status field at the top of the page update to "Active" when it has successfully restarted.
Note: If you have other software running on the machine where MAPS is installed that is already using the assigned port number, the MAPS web server will not start and you will not see the "Active" server status. You have two choices at this point: either select a different port, or stop the other software that is already using your desired port before proceeding.
Note: If you use a port number other than the default for HTTP or HTTPS, you will need to include the port number in the URL when accessing the eLauncher or AWV. You do not need to specify the port number when using port 8080 with HTTP or port 443 with HTTPS.
OpenSSL Files
MAPS uses OpenSSL to establish HTTPS connections. The MAPS service directory (C:\Program Files\Evisions\MAPS\Service) contains two files supplied by the OpenSSL Project:
Versions 5.x and earlier of MAPS automatically update these files upon service restart. If the version included with the MAPS distribution is newer than the version in the directory, MAPS will overwrite the files. If the version in the directory is newer, MAPS will leave them in place. Therefore, if OpenSSL releases a new version, you may update the files in the service directory without requiring an update to MAPS. In version 6.0 and later, MAPS only updates the OpenSSL files when the MAPS service is updated.
If your institution uses a clustered MAPS installation, there are additional copies of the OpenSSL files in the \Service\drivers\[x86/x64]]\pg subdirectory.
Note: MAPS 5.0 and earlier supports OpenSSL .dll files up to version 1.0.1r. To use a later version of the .dll files, you must upgrade to MAPS service 5.0.1 or higher.
See Also: HTTP File Server - Advanced Settings