Configuring the SARest Service to support SSL connections
The SARest Service can be configured to support SSL calls. To do so, you must have a valid certificate installed on the machine hosting the SARest Service. The certificate can be 3rd party-signed or self-signed depending on your needs.
A quickstart method of getting a self-signed certificate is available if you have Microsoft IIS installed, in which case you can:
1 Open the IIS Manager.
2 Select the server name in the left panel.
3 In the center pane, open Server Certificates.
4 In the right pane, choose Create Self Signed Certificate.
5 Specify an easy-to-remember name to be selected in the SARest Configuration tool later.
To configure SARest to use the certificate and set the port, you have two options to choose from – use the SARest Configuration tool or edit the configuration file manually.
Using the SARest Configuration tool:
1 Open the System Architect installation folder. By default, the folder is: C:\Program Files\UNICOM Systems\System Architect Suite\System Architect.
Run SAOSLCProviderConfig.exe.
Note This is also available from the Start menu in Windows as SA Rest Configuration Wizard.
2 On the Rest Server Config tab, click the Enable HTTPS checkbox.
3 Click the Configure button. The HTTPS Configuration Details window will open.
4 Set Port to your desired HTTPS port – the default is 8443.
5 Select the Certificate Store and Certificate Name to use for the HTTPS connection.
6 Click Apply.
7 Go to File > Save Configuration. If prompted, restart the REST Service.
Editing the configuration file manually
1 Locate and edit configuration file SARESTWebService.exe.config that is located in the System Architect installation directory.
2 Set value EnableSSL to true.
3 Set SSLPort to your desired HTTPS port.
4 Enter the correct values for your certificateStore, certificateStoreName, certificateHash, and certificateName.
5 Save the file. If the REST Service is running, restart it for the changes to take effect.