Expose Microsite in https
Our client wants to expose Microsite as https service and not as http. For this what additional settings need to be done at the PEGA end.
Is there any additional configuration to be done in the application server side.
All other services of the client are not secured i.e. plain http. Now if they want to expose Microsite as a secured service will it cause any issue to the existing unsecured services.
Thanks.
Suman
Pegasystems Inc.
US
I believe this was responded to in a different thread, but generally you need not configure anything additional to support https. If it works for http, it should seamlessly work for https, assuming your https certificates are in order and traffic can flow to the https endpoint. Check your firewall to ensure that endpoint is accessible.
Areteans
SG
One more query on this is :
Can we have the microsite HTTPS only and several other services currently running services as HTTP? Can both protocols co-exist.
How can we achieve this ?
Thanks for your help and support.
Regards,
Suman.
Pegasystems Inc.
NL
Suman,
You can use a service like AWS ClountFront or Apache to handle the HTTPS redirection to the HTTP microsite.
Marco.
Accenture
AE
Hi Marco
The problem is that the security team is agreeing in using a reverse proxy but they are still expecting that we will expose the microsite in HTTPs. (as mentioned by Suman all our existing services are in HTTP)
I was thinking, can we create a new JVM (and so a new port) that will be used only for the microsite and install the SSL certificate there only? Is this possible? Is this causing problem to the Pega cluster?
as i see it, I don’t think that we can reuse the existing nodes that we have right now… we are exposing all the services from one node (7005 or 7009) so if we deploy the SSL certificate in that node then all the services must comply with HTTPs.
what do you think?
Accenture
AE
Hi everyone
we implemented the reverse proxy but apparently the link produced from Pega has some spaces (the %09% below) and it get blocked by the reverse proxy itself because this lead to Evasion technique attack vulnerability.
Hi everyone
we implemented the reverse proxy but apparently the link produced from Pega has some spaces (the %09% below) and it get blocked by the reverse proxy itself because this lead to Evasion technique attack vulnerability.
GCS proposed us some solution that should have trimmed the spaces but unfortunately it didn’t work (the spaces are still there).
has anyone faced similar problem ? how it can be solved?
Pegasystems Inc.
US