Enabling SSL/TLS on the ITM On-Prem (ObserveIT) Application Server/Web Console Server

When logging on to the Web Console, ITM On-Prem (ObserveIT) Console Users enter their credentials in the form of a user name and password. To secure this information and all traffic between the client machine and the server running the ITM On-Prem Web Console, it is recommended to use either the SSL (Secure Sockets Layer) or TLS (Transport Layer Security) encryption protocol. You can do this by enabling SSL/TLS on the ITM On-Prem (ObserveIT) website, and then configure usage on the ITM On-Prem (ObserveIT) virtual directory that is used by the ITM On-Prem Web Console.

Before working with TLS you must configure it to work in ObserveIT. For details, see Configuring ITM On-Prem (ObserveIT) to Use TLS for Securing Traffic.

In addition, to enable SSL/TLS encryption between the ITM On-Prem (ObserveIT) Agents and the ITM On-Prem (ObserveIT) Application Server, once SSL/TLS is enabled on the ITM On-Prem (ObserveIT) website, you can configure SSL/TLS usage on the ITM On-Prem (ObserveIT) virtual directory that is used by the ITM On-Prem (ObserveIT) Application Server. In this way, all traffic between the ITM On-Prem (ObserveIT) Agents and the ITM On-Prem (ObserveIT) Application Server will also be protected by using SSL/TLS encryption.

In most cases, the ITM On-Prem (ObserveIT) Application and Web Management Server components are installed on the same server; however, some clients prefer to install them separately on different servers.

To enable SSL/TLS on the Application Server that hosts the ITM On-Prem Web Console

  1. Create a digital certificate request by using the Internet Information Services (IIS) Manager MMC snap-in.

  2. Submit the digital certificate request to a Certificate Authority (CA) by using an online process or Web enrollment form, or by sending a text file containing the request to the CA.

  3. After the CA has approved your request, issue and download the digital certificate.

  4. Install the digital certificate on the ITM On-Prem (ObserveIT) website using the Internet Information Services (IIS) Manager MMC snap-in.

  5. Configure the ITM On-Prem (ObserveIT) virtual directory to require SSL/TLS.

To enable SSL/TLS on the computer that is used to access the Web Console

  1. Configure the ITM On-Prem Web Console shortcut (or favorite) to use SSL/TLS to communicate with the Web Console. This is done by changing the URL used from HTTP to HTTPS.

  2. Potentially, if using an internal CA for the digital certificate, you might need to configure these computers to trust that CA. This is done by importing the CA's root certificate to the computer(s) that will access the SSL-enabled website.

For further details, refer to the relevant Microsoft Knowledge Base articles, in particular: "There is a problem with this website's security certificate" when you try to visit a secured website in Internet Explorer.