You can configure properties to force logons from the server UI to use HTTPS, by editing the
trc.properties file. In a new server installation, the following
properties are all set to
True by default.
enforce.secure.weblogon=
Modifiable field |
enforce.secure.weblogon |
Field Description |
Make the default log on action from the web UI
use HTTPS. This property requires secure.url to be set with the full host
name. |
Possible Values |
True or False |
Value Definition |
- True
- Logons from the BigFix® Remote Control
Server UI use HTTPS.
Logons that use HTTP through another tool or page are not prevented.
HTTPS is not shown in the
URL, but the logon page with USERID/PASSWORD is posted as HTTPS. The secure.url
parameter is used. If this property is set incorrectly, the logon does not succeed. This value is the default value.
- False
- Log on by using HTTP or HTTPS, whichever is entered in the browser
URL.
|
enforce.secure.alllogon=
Modifiable field |
enforce.secure.alllogon |
Field Description |
Force any logon action to use HTTPS, deny any logon that
does not use HTTPS. This property requires secure.url to be set with the full
host name. |
Possible Values |
True or false |
Value Definition |
- True
- Any logon attempt that uses HTTP is rejected and redirected to the
logon page. This value is the default value.
- False
- Log on by using HTTP or HTTPS, whichever is entered in the browser
URL.
|
The difference between the parameters is as follows. Use the
enforce.secure.weblogon parameter to ensure that the user ID and password are
passed from the logon page and posted over HTTPS regardless of the URL. However, you can still log
on by using HTTP either through a custom page or another tool. Use
enforce.secure.alllogon to prevent all logons that are using HTTP. The logon
link rejects any connection that is not HTTPS, when
enforce.secure.alllogon is
set.
Note: The secure.url property must be set with a proper host name, not
localhost.