Menu

Search

LOGbinder Support


Using HTTPS with Windows Event Forwarding and Supercharger


bjvista
How To

We do not provide consulting for using WEC over HTTPS as part of Supercharger support contracts. The following information is provided as a courtesy and may not cover every detail or situation in your environment because of the complexity of PKI.

We will provide support on configuring the Supercharger IIS website to use HTTPS in terms of the local configuration of IIS. It is your responsibility to enroll the server with a valid server certificate and private key and import it. We do not provide support on PKI issues or certificate enrollment.

The following information may be of help.

There are two different areas where HTTPS may be used:

  1. Forwarding events with WEC using a https:// URL for the target subscription manager when you target computers at the collector
  2. the URL you use to access the Supercharger GUI/Dashboard, for example, https://localhost/Supercharger

For #1 above there are a few things you have to do:

  • ​Install a certificate for the server along with its private key. This can easily be done using an Enterprise CA in AD.
  • The signing CA of the server certificate must be trusted by the forwarder computers​.
  • Make sure permission on the private key allow WinRM to access it.
  • Create a firewall exception rule to allow data over port 5986.
  • You may have to run "winrm qc - transport:https". This would have to be ran after the cert is installed and configured.

For #2 above there are many options to complete this. Configuring Supercharger to use HTTPS is the same as configuring HTTPS for any website. Your organization will have to determine which process meets its security requirements. Because of this, we do not provide a guide for setting up websites using HTTPS. This is fully documented online from multiple resources. Here, though, are a few points to keep in mind:

  • (You can use the same certificate as #1 above)
  • ​Install a certificate for the server along with its private key. This can easily be done using an Enterprise CA in AD.
  • The signing CA of the server certificate must be trusted by the client computers​.
  • The signing CA of the server certificate must be trusted by the forwarder computers​.
  • Make sure permission on the private key allow WinRM to access it.
  • Create a firewall exception rule to allow data over port 443.
  • Configure IIS to use the certificate for the Supercharger site.

On a scale of 1-5, please rate the helpfulness of this article


Not Helpful
Very Helpful
Optionally provide private feedback to help us improve this article...

Thank you for your feedback!


Still have questions - Submit a new ticket