All data that is sent by HTTP is not encrypted and can be inspected. For this reason, we added an option to enable HTTPS for Flexmonster Accelerator. HTTPS encrypts all data that is sent from the client to the Accelerator and vice versa.
Follow the steps below to configure a secure HTTPS connection for your setup.
Skip this step if you have already imported the certificate to your machine's certificate store. Otherwise, open Windows PowerShell and run one of the following commands, depending on the type of your certificate:
Import-PfxCertificate -FilePath <cert.pfx> -CertStoreLocation Cert:\LocalMachine\My
Where:
<cert.pfx> — the path to your .pfx certificate.Learn more about the Import-PfxCertificate command.
Import-Certificate -FilePath <cert.file> -CertStoreLocation Cert:\LocalMachine\My
Where:
<cert.file> — the path to your .sst, .p7b, .cert (.cer) certificate.Learn more about the Import-Certificate command.
Once the certificate is imported, you should see the following message in the console:
Thumbprint Subject
---------- -------
XXXXXXXXXXXXXXXXXXXXX CN=example.com
Notice Thumbprint — it is your certificate's SHA-1 hash represented as a hex string. You will need it in the next step.
On an elevated console (“Run as administrator”), register the server certificate by running this command:
netsh http add sslcert ipport=0.0.0.0:<port> certhash=<certHash> appid=<app-guid>
Where:
<port> — the listening port (50005 by default). The IP address 0.0.0.0 matches any IP address for the local machine. Ensure that the port you specify in the <port> parameter is not being used by other servers. Remember to set the same port as the PORT parameter in flexmonster.config.<certHash> — the certificate's SHA-1 hash represented as a hex string. It is the same as your certificate's thumbprint from the previous step. Verify that the <certHash> you specify in this command matches the hash of your certificate file.<app-guid> — specify a random GUID used to identify the owning application. Format the GUID like this: {00000000-0000-0000-0000-000000000000}.netsh http add sslcert ipport=0.0.0.0:443 certhash=XXX appid='{YYY}'If any errors occur, verify that the SSL certificate is properly installed in the personal store and has an assigned private key. To see all installed SSL certificates, use this command:
netsh http show sslcert
After you have registered the certificate, you need to enable HTTPS.
For the Accelerator as a DLL, HTTPS should be enabled on the server where the Accelerator is embedded. If you are using the Accelerator as a Windows service, follow the steps below:
Step 3.1. Go to Flexmonster Accelerator Manager and click the Config button to open the flexmonster.config file.
Step 3.2. In flexmonster.config, set the HTTPS parameter to true:
HTTPS=true
Step 3.3. To apply new configs, restart the Accelerator using Flexmonster Accelerator Manager: click the Stop button and then click Start.
You can check if the Accelerator is up and running by navigating to its URL in the browser (https://localhost:50005 by default).
Now it’s time to configure Flexmonster Pivot Table & Charts. Let’s create a minimal configuration using the JavaScript API (replace proxyUrl, catalog, and cube parameters with your specific values):
const pivot = new Flexmonster({
container: "pivotContainer",
componentFolder: "node_modules/flexmonster/",
toolbar: true,
report: {
dataSource: {
type: "microsoft analysis services",
proxyUrl: "https://localhost:50005",
catalog: "Adventure Works DW Standard Edition",
cube: "Adventure Works",
binary: true
}
}
});
Note that proxyUrl now uses https://. That means that the data is protected and encrypted with your SSL certificate.
You may be interested in the following articles: