Nx Witness User Manual
Forcing Secure Connections ensures Clients only connect to Servers in the System using HTTPS to prevent management traffic (Users accounts, Device access credentials, Web Admin.) from being intercepted.
This setting is enabled by default.
Desktop Client
1.Open Main Menu > System Administration > Security tab.
2.Check the Force servers to accept only encrypted connections checkbox.
3.Apply changes.
1.Open Settings > System Administration > General.
2.Check the Allow only secure connections checkbox.
3.Apply changes.
IMPORTANT: This setting is turned on by default and will affect the following:
•Generic Events should be reconfigured in the external system. All integrations configured to work with HTTP need to be updated and tested.
•API calls – all external systems that use API for integrations should be re-configured to use HTTPS and then tested.
Once HTTPS is enabled, the first time you attempt to log onto a server's web page, the browser may first display warnings that indicate a bad certificate and insecure connection ("Your connection is not private. Attackers might be trying to steal your information..."). This is not the case. The warning is a safety feature due to the self-signed certificate on the Server. The connection will in fact be more secure.
Note: Most browsers will generate a prompt or confirmation dialog to proceed using an HTTPS connection. While the specific text will vary by browser version, a common sequence it to click on the word Advanced, then click the Proceed to [xxx.x.x.x] (unsafe) link to log in. Local machine and application define when this authorization must be repeated.
