Using HTTPS with MAPS

MAPS can be configured to use either or both the HTTP and HTTPS protocols for accessing the product launch page. We highly recommend using HTTPS to ensure secure communications between your users and the MAP server. The HTTPS protocol is used when logging in to the eLauncher, as well as for Argos Web Viewer if you use Argos. Client application traffic is encrypted with AES regardless of whether using HTTPS or not.

For security reasons, beginning in 4.2.1 you must use HTTPS in order to access the Argos Web Viewer. The Web Viewer runs in a browser and is therefore subject to the same risks as any other web page that transmits unsecured data over plain HTTP. Using HTTPS provides a level of encryption and assurance to your users that they are actually accessing the MAP server they intend to reach.

Users who attempt to access the Web Viewer over HTTP will see a notification and be directed back to the launch page.

MAPS Traffic

Traffic	Default Port	Encrypted
Launch page (HTTP)	8080	No
Launch page (HTTPS) Argos Web Viewer (HTTPS)	443	Yes
MAPS applications	27467	Yes

Configuring HTTPS

The MAPS in-product Help provides an overview of configuring HTTPS, as well as instructions on obtaining an SSL certificate using OpenSSL.

Difference between logging in with HTTP and HTTPS

Aside from the additional security, users will notice some differences between the eLauncher depending on whether it is using the HTTP or HTTPS protocol:

With HTTPS, users log in once to the eLauncher. They will not be prompted to log in again to each application, with the exception of IntelleCheck and the MAPS Configuration tool.
With HTTP, users must log in to each application individually.

With HTTPS, users can customize the launch page to show just the products that they use. Only MAPS administrators can see the MAPS product tab.
With HTTP, all users see the same launch page with no customization options.