logo

The ConnectWise Control forum has moved to ConnectWise University! This forum has been locked and is in read-only mode. Click here for instructions on how to access the new forum.

Welcome Guest! You can not login or register.

Notification

Icon
Error

Options
Go to last post Go to first unread
grepillez  
#1 Posted : Tuesday, January 22, 2019 8:45:58 AM(UTC)
grepillez


Rank: Guest

Joined: 1/22/2019(UTC)
Posts: 1
France
Location: nantes

Hi all,

I'm a trainee for a company where they use screenconnect for a long time (50+ agents installed, sessions and other stuffs).

The server they use is a 2012R2 without IIS (dedicated server for SC)

This server have 2 network cards an each have a public address

here the running conf:

<add key="WebServerListenUri" value="http://help.ourdomain.net:80/" />
<add key="RelayListenUri" value="relay://screenconnect.ex13.ourdomain:443/" />
<add key="RelayAddressableUri" value="relay://screenconnect.ourdomain.net:443/" />

I have to change this conf to :

- add a letsencrypt cert for those URL (that part is done with a single cert that cover all URL in 1 cert)
- modify the conf to permit clients access with HTTPS (http://help.ourdomain.net -> https://help.ourdomain.net)
- keep the current agent access with 443


I've tryied several conf, sometimes the front access is in HTTP, relay in HTTPS and agents are connected, other time it's the front which is in HTTPS but agents are disconnected...

could you please help me on this conf ?

thanks !

Scott  
#2 Posted : Tuesday, January 22, 2019 2:23:02 PM(UTC)
Scott


Rank: Administration

Medals: Level 4: Wise Old Owl! Received 100 Thanks!

Joined: 3/28/2014(UTC)
Posts: 2,862
United States

Thanks: 3 times
Was thanked: 351 time(s) in 303 post(s)
Just to summarize, you want to add SSL security to your Control web application so that it must be access via HTTPS, correct?

We have a pretty solid KB article on the process here.

To expand a bit on that article though, you do not need to make any changes to the RelayListenUri or RelayAddressableUri since they are bound to a different internet adapter.

You'll need to install the certificate on the server and verify its presence within the Personal cert store via mmc. After that you can use netsh command to bind the already-installed certificate to the correct IP address and port. Finally, change the WebServerListenUri to use https and the correct domain. This process is a bit cumbersome but this Help Article explains each step pretty well.
ScreenConnect Team
Users browsing this topic
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.