TLS/SSL Activation in VisualGroups

TLS/SSL activation is available from Swyx VisualGroups version 1.3 on.

When you want to access the VisualGroups Portal/ wallboards from outside you local network then it is recommended to enforce HTTPS for all external traffic to VisualGroups. 

 The following steps describe the recommeded settings.

 Prerequisites:

• Domain name which points to the VisualGroups machine
• Valid SSL certificate
• Administrator access to the machine and IIS manager

Steps:

• Install URL rewrite (https://www.iis.net/downloads/microsoft/url-rewrite)
• Open inetmgr.exe (IIS manager)
• Go to URL rewrite module on the website under which the VisualGroups application is placed
  
  
• Click add rule and choose blank rule. We are going to add a rule which redirects all external requrests to HTTPS and allows HTTP requests for localhost and local network
  
  
• Set the following fields:
  • Requested URL: Matches the patterns
  • Using: Regular Expressions
  • Pattern: (.*)
  • Ignore case: checked
  • Logical grouping: Match All
  • Add the following rules:
    • Condition input: {HTTPS}
      1. Check if input string: Matches the Pattern
      2. Pattern: ^OFF$
      3. Ignore case: checked
    • Condition input: {HTTP_HOST}
      1. Check if input string: Does Not Match the Pattern
      2. Pattern: localhost
      3. Ignore case: checked
    • Condition input: {HTTP_HOST}
      • Check if input string: Does Not Match the Pattern
      • Pattern: (^127\.)|(^10\.)|(^172\.1[6-9]\.)|(^172\.2[0-9]\.)|(^172\.3[0-1]\.)|(^192\.168\.)
      • Ignore case: checked
        
        
  1. Rule#1:
  2. Rule#2:
  3. Rule#2:
  • 
  • No changes 
    
  • Action Type: Redirect
  • Redirect URL: https://{HTTP_HOST}/{R:1}
  • Append Query String: checked
  • Redirect type: Permanent (301)
• Name: a name to identify this rule
• Match URL:
• Conditions:
• Server Variables:
• Actions:
• Save the rule/ press apply
  
  
• The URL rewrite rule is now set, next we can add the HTTPS binding.
• Import your SSL certificate for the domain that you will be using on the machine. (using windows credential manager)
• Click on the website under which the VisualGroups application is placed
  
• Click on 'Bindings…'
  
  
• Click on 'Add…'
• Type: https
• IP address: All Unassigned
• Port: 443
• Host name: enter the hostname that you will be using for this machine (E.G. example.com)
• Require server name indication: unchecked
• Disable HTTP/2: unchecked
• Disable OCSP Stapling: unchecked
• SSL Certificate: Select the SSL certificate for you specified domain. This is imported in an earlier step
• Click OK
  
  
• Restart the IIS website

VisualGroups will now be available over HTTPS when connecting from an external IP

VisualGroups will still be available over HTTP when connecting from localhost or from the local network.