Configuring Felix Properties
The config\felix.properties file should be edited to enable HTTPS.
If we leave this property in the configuration, it will still work with HTTPS enabled. So, http://localhost:50505/aspire/will access the admin interface with HTTP (see notes below).
To enable HTTPS, we must set the following values:
The default secure port is 443, and if you use that port then you do not need to put the port number in the URL. However it seems like further configuration is required to avoid the browser "SSL connection error".
Optionally, we could disable unsecured HTTP traffic with:
And specify the keystore file and passwords to access it:
Hint: In the case that we are working with a customer's certificate the following change must be applied
Finally, Aspire can be started and the admin page can now be accessed using HTTPS: https://my-pc.search.local:50443/aspire
Access to other components should be through HTTPS as well, such as the HTTP Feeder:
- In some instances (possibly all) if you don't turn http off when you turn https on, requests to the https port will hang. It's probably best to turn http off when you turn https on
- The URL must match the server host entered into the certificate. In other words, it should match the "Issuer" name in the certificate. If accessed through another such as https://localhost:50443/aspire it will still work but you will get the error message: "Server's certificate does not match the URL".
- If the certificate has not been signed by a valid CA, the 'lock' icon will appear in red and will show a "Server's certificate is not trusted" message.