Configuring SSL in IIS Express

Recent Lansweeper releases automatically set up SSL for you if you install the console under IIS Express, the default web server. If you update your Lansweeper installation from an older release, SSL is automatically set up as well. You can customize your SSL setup however, by choosing a custom HTTPS port, setting up a custom certificate and/or forcing HTTPS.

To customize your SSL setup if your console is running under IIS Express (the default web server), do the following:

1. Stop the IIS Express service in Windows Services
   
2. If you would like to change the HTTPS port chosen during your initial Lansweeper installation, open the file below with Notepad or another text editor, perform a search for bindingInformation and replace your current HTTP and HTTPS ports with custom (free) ports of your choice.
   Program Files (x86)\Lansweeper\IISexpress\iisexpress.config
   
3. If you would like to replace the built-in SSL certificate with your own one, perform these steps:
   1. open the Windows Certificate Manager (certmgr.msc) and browse to your own certificate
   2. double-click on your certificate and open tab "Details"
   3. mark the "Thumbprint" attribute and copy its value
      
   4. open the following file with Notepad or another text editor, search for UseCustomSSLCertificate and set it to 1
      Program Files (x86)\Lansweeper\IISexpress\IISExpressSvc.exe.config
   5. paste the Thumbprint of your certificate into the value of CertificateThumbPrint and save the file
      
   Client browsers need to trust your certificate or have it locally installed in order to open the web page on an HTTPS connection
4. Restart the IIS Express service in Windows Services
   
5. Optionally, you can have Lansweeper redirect HTTP traffic to HTTPS by ticking Force Https in the following section of the web console: Configuration\Website Access. You may need to restart the IIS Express service again to make the change take effect.
   
   
    Old Lansweeper releases may ask you to submit the HTTPS port in the web console as well. Make sure the HTTPS port submitted in the web console matches the HTTPS port submitted in your iisexpress.config file earlier.
    Make sure HTTPS access is working properly prior to ticking Force Https. If the HTTPS port is incorrectly configured, you will lock yourself out of the web console. You can test HTTPS access by browsing to: https://<IP or name of the machine hosting your console>:<HTTPS port number>/
   Should you lock yourself out, run the following executable on the machine hosting the Lansweeper service and hit Reset Https: Program Files (x86)\Lansweeper\Service\ResetWebUserRoles.exe