Running SignalR with SSL

With the certificate installed, switching SignalR to start with SSL is as easy as changing the startup URL on both the clients AND StifleR Server.

Clients

On new and existing StifleR Clients, setting the SSL info is performed within the StifleR.ClientApp.config file which resides in the StifleR Client installation folder:

<add key="StiflerServers" value="https://SERVER.2PSTEST1.LOCAL:1414”/>

SignalR Dashboard URL Configuration

To configure the Web Page which will consume the SignalR service change the script URL that loads up the SignalR client library for the Dshboards or connections in your app.js file ( \Installation Path\StifleR\Dashboards\App\App.js) as follows:

app.value('backendServerUrl', 'https://2PINT.2PINT.LOCAL:1414');
app.constant('backendLocationServerUrl', 'https://2PINT.2PINT.LOCAL:9000/api');

where the URL strings are the local machine name to which the certificate is registered.

As with all certificates make sure that the domain name exactly matches the certificate's name. For local machines this means that you cannot use localhost or the NetBiosName (as it will be by default). Don't use your IP address either! - Use only the name to which the certificate is assigned.

StifleR Service Endpoint

You'll also need to assign the Dashboards URL to your SSL URL as part of the SignalR startup routine that is used internally in the Stifler Server Service:

<add key="ListenToUrl" value="https://*:1414/" />
<add key="LocationWSListenToUrl" value="https://*:9000/"/>

This binds SignalR to the all IP addresses on Port 1414. You can also specify a specific IP address, but using * is more portable especially if you set the value as part of a shared configuration file.

IIS Configuration

Finally you need to bind the server certificate to the default website so that an SSL connection can be made to the dashboards.

  • In IIS Admin go to Sites -> Default Website

  • Click on the ’Bindings’ menu item on the far-right of the Admin console

  • Add a binding for your Server Certificate on port 443 – leaving the IP Address range to ’All Unassigned’

From a development perspective, other than the two small URL changes and IIS Bindings, there isn't anything that changes for SSL operation, which is nice.·

  • Important: You must restart the StifleR service for the changes to take effect.

And… you're done!