logo

The ConnectWise Control forum has moved to ConnectWise University! This forum has been locked and is in read-only mode. Click here for instructions on how to access the new forum.

Welcome Guest! You can not login or register.

Notification

Icon
Error

Options
Go to last post Go to first unread
Jonneh  
#1 Posted : Friday, February 6, 2015 9:47:34 AM(UTC)
Jonneh


Rank: Newbie

Joined: 2/6/2015(UTC)
Posts: 2
United Kingdom

Hi,

I'm trying to set up a trial for screen connect. To avoid using another windows licence I want to use a pre-existing box with another service currently using port 443 for an SSL hosted service.

How can I enable SSL on Screen connect but have it host itself on another port, so that can simply translate 443 connections from an external IP over to the port chosen?

Thanks,

Jon

ReadingPlus  
#2 Posted : Friday, February 6, 2015 5:30:19 PM(UTC)
ReadingPlus


Rank: Member

Medals: ScreenConnect Advisor: Focus Group Member

Joined: 1/13/2015(UTC)
Posts: 15
United States
Location: Vermont

Thanks: 3 times
Out of the box, the default port is 8041 for the relay service which is SSL. You do not have to change the default ports if you don't want to.

More information about ports is listed on this page, Changing default ports.
Paul Moore  
#3 Posted : Friday, February 6, 2015 8:28:49 PM(UTC)
Paul Moore


Rank: Advanced Member

Medals: Level 3: Shirt off your back! Received 25 Thanks!

Joined: 9/16/2011(UTC)
Posts: 334

Thanks: 5 times
Was thanked: 70 time(s) in 44 post(s)
Just to clarify, port 8041 is the relay and does not use SSL/TLS. It is already encrypted at rest, prior to sending it over 8041. It's recommended to use port 80 for the relay and 443 (TLS) for the UI.
ScreenConnect Reporting - Collects live & historical information including session times.
http://goo.gl/nrF3e9
Scott  
#4 Posted : Monday, February 9, 2015 2:23:23 PM(UTC)
Scott


Rank: Administration

Medals: Level 4: Wise Old Owl! Received 100 Thanks!

Joined: 3/28/2014(UTC)
Posts: 2,862
United States

Thanks: 3 times
Was thanked: 351 time(s) in 303 post(s)
Just to recap, Paul and ReadingPlus are correct, the relay traffic is encrypted by default. It's not encrypted with standard SSL/TLS methods, but rather at rest and inside of the application (exactly as Paul said).

To answer your original question, you can configure the web service to use SSL on any port you want, you just need to specify that in the netsh command that's used to bind it. It would look similar to:

Code:
netsh http add sslcert 0.0.0.0:8041 certhash=.... appid=....


And in the web.config where you'd normally change the WebServerListenUri to https://+:443/, you would instead change it to https://+:8041/.
ScreenConnect Team
Jonneh  
#5 Posted : Tuesday, February 10, 2015 8:43:36 AM(UTC)
Jonneh


Rank: Newbie

Joined: 2/6/2015(UTC)
Posts: 2
United Kingdom

Great, thanks.
Users browsing this topic
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.