HTTPS and SSL

Infor Smart Office uses the Microsoft .Net framework, which requires secure HTTP transactions (web service calls). In order to achieve secure HTTP (HTTPS) transactions, a Secure Sockets Layer (SSL) certificate is required. The SSL certificate is an electronic document that is used to verify server identity and to encrypt communication between server and client.

An SSL certificate must be created for each physical server web server. The SSL certificate can be issued by a third-party vendor, by an internal certificate server, or it can be self signed. A web server that is accessed over HTTPS must always be accessed with the URL for which the SSL is created. For example, if the SSL certificate is created for myserver.mycorp.com, the URL must always be specified with exactly that name. It will not work to only configure URLs in the systems profile with the server name only, even if the DNS will help the clients find the server.

Different SSL certificates can be used.

• Issued by a third-party vendor. This works over the Internet but costs money and might take several days to obtain.

• Issued by an in-house certificate authority. This works in an internal network and is free of charge.

• Self-signed certificate. This type of certificate is not recommended because it is not as secure as certificates issued by a root certificate. The certificate must also be installed on every client machine for Infor Smart Office to start. For more information about how to install a self-signed certificate, see Working with SSL certificates.

For information about how to configure HTTPS in the Grid, see the administration guide for Grid.