How do I configure SPA to run using the secure HTTPS protocol instead of HTTP?
Both Admin and User site are launching as HTTP instead of HTTPS.
SPA does not launch as a secure Website.
Secure Password Administrator (SPA) can launch as a secure Website (HTTPS) or as as a non-secure Website (HTTP). There are two ways to configure SPA to launch as HTTPS:
- During SPA installation, choose the option to not use IIS to run the Web server component. In this case, no extra configuration is necessary. SPA will run using HTTPS.
- During SPA installation, choose the option to use IIS to run the Web server component. Then, enable SSL on the SPA Website in IIS. For more information, see steps below.
Using either of these options allows the Admin and User sites to run in the secure HTTPS mode.
To enable SSL in the Internet Information Services (IIS) Manager (second option above):
- Launch Internet Information Services (IIS) Manager on the Web Server hosting SPA.
- Expand <server name> (local computer).
- Expand Web Sites and Default Web Site.
- Right-click the SPA website and select Properties.
- Select the Directory Security Tab and under Secure Communications select Edit.
- Toggle the Require secure channel (SSL) checkbox.
- Click OK and OK to exit.
SPA was configured to use IIS during installation.
If you choose to enable IIS during installation, you must stop and restart the IIS Admin Service and its dependencies.