Hello friend!

The beta release of Open iT version 10.1 is now available!
Try it out and help us enhance your Open iT experience. Contact support@openit.com to get started.

# Configuring HTTPS in Ingress

# Configure HTTPS with Windows Certificate Store

Open iT Ingress can use secure browsing (HTTPS) using SSL certificates installed in the Windows Certificate Store.

Go to the Open iT Ingress configuration directory, which is C:\Program Files\OpeniT\Ingress\configuration by default.
Create a copy of SiteBindings.json and rename the duplicate file to SiteBindings.Override.json.

Open the existing SiteBindings.Override.json, if there is already one.
In the override file, input the necessary details.
1. In the Scheme field, use https.
2. In the Host field, specify the hostname or domain name.
3. In the Port field, specify the port number. You can use the default port for HTTPS, 443.
4. In the Store field, specify the Certificate Store where your SSL certificate is stored.
5. In the Location field, specify the appropriate store location.
SiteBindings.Override.json
```
 1 | {
 2 |    "SiteBindings":  [
 3 |      { 
 4 |         "Scheme": "https",
 5 |         "Host": "customer.openit.com",
 6 |         "Port": "443",
 7 |         "Certificate": {
 8 |           "Store": "My",
 9 |           "Location": "LocalMachine"
10 |         }
11 |      }
12 |    ]
13 | }
```
Save the file.
Open the Task Manager.
Go to the Services tab.
Restart the OpeniTIngress service.

# Configure HTTPS with an SSL Certificate and Key

Open iT Ingress can use secure browsing (HTTPS) using an SSL certificate and key.

Go to the Open iT Ingress configuration directory, which is C:\Program Files\OpeniT\Ingress\configuration by default.
Create a copy of SiteBindings.json and rename the duplicate file to SiteBindings.Override.json.

Open the existing SiteBindings.Override.json, if there is already one.

In the override file, input the necessary details.

In the Scheme field, use https.
In the Host field, specify the hostname or domain name.
In the Port field, specify the port number. You can use the default port for HTTPS, 443.
Rename Store to Cert and Location to Key.
In the Cert field, specify the path to the SSL certificate.
In the Location field, specify the path to the SSL key.

SiteBindings.Override.json
| {
|    "SiteBindings":  [
|      { 
|         "Scheme": "https",
|         "Host": "customer.openit.com",
|         "Port": "443",
|         "Certificate": {
|           "Cert": "C:\Program Files\OpeniT\Ingress\configuration\caddy\ssl.crt\server.crt",
|           "Key": "C:\Program Files\OpeniT\Ingress\configuration\caddy\ssl.key\server.key"
|         }
|      }
|    ]
| }

Save the file.
Open the Task Manager.
Go to the Services tab.
Restart the OpeniTIngress service.

Go to the Open iT Ingress configuration directory, which is /opt/openit/ingress/configuration by default.
Create a copy of SiteBindings.json and rename the duplicate file to SiteBindings.Override.json.

Open the existing SiteBindings.Override.json, if there is already one.

In the override file, input the necessary details.

In the Scheme field, use https.
In the Host field, specify the hostname or domain name.
In the Port field, specify the port number. You can use the default port for HTTPS, 443.
Rename Store to Cert and Location to Key.
In the Cert field, specify the path to the SSL certificate.
In the Location field, specify the path to the SSL key.

SiteBindings.Override.json
| {
|    "SiteBindings":  [
|      { 
|         "Scheme": "https",
|         "Host": "customer.openit.com",
|         "Port": "443",
|         "Certificate": {
|           "Cert": "/opt/openit/ingress/configuration/caddy/ssl.crt/server.crt",
|           "Key": "/opt/openit/ingress/configuration/caddy/ssl.key/server.key"
|         }
|      }
|    ]
| }

Save the file.
Run the following command to restart Ingress:
Command Syntax
```
systemctl restart openit-ingress-api
```

# Configure HTTPS using Let's Encrypt

Open iT Ingress can use secure browsing (HTTPS) using Let's Encrypt.

Go to the Open iT Ingress configuration directory, which is C:\Program Files\OpeniT\Ingress\configuration by default.
Create a copy of SiteBindings.json and rename the duplicate file to SiteBindings.Override.json.

Open the existing SiteBindings.Override.json, if there is already one.
In the override file, input the necessary details.
1. In the Scheme field, use https.
2. In the Host field, specify the hostname or domain name.
3. In the Port field, specify the port number. You can use the default port for HTTPS, 443.
4. Leave the Store and Location fields blank.
SiteBindings.Override.json
```
 1 | {
 2 |    "SiteBindings":  [
 3 |      { 
 4 |         "Scheme": "https",
 5 |         "Host": "customer.openit.com",
 6 |         "Port": "443",
 7 |         "Certificate": {
 8 |           "Store": "",
 9 |           "Location": ""
10 |         }
11 |      }
12 |    ]
13 | }
```
Keeping the Store and Location fields blank allows Caddy to automatically create a certificate.
Save the file.
Open the Task Manager.
Go to the Services tab.
Restart the OpeniTIngress service.

Go to the Open iT Ingress configuration directory, which is /opt/openit/ingress/configuration by default.
Create a copy of SiteBindings.json and rename the duplicate file to SiteBindings.Override.json.

Open the existing SiteBindings.Override.json, if there is already one.
In the override file, input the necessary details.
1. In the Scheme field, use https.
2. In the Host field, specify the hostname or domain name.
3. In the Port field, specify the port number. You can use the default port for HTTPS, 443.
4. Leave the Store and Location fields blank.
SiteBindings.Override.json
```
 1 | {
 2 |    "SiteBindings":  [
 3 |      { 
 4 |         "Scheme": "https",
 5 |         "Host": "customer.openit.com",
 6 |         "Port": "443",
 7 |         "Certificate": {
 8 |           "Store": "",
 9 |           "Location": ""
10 |         }
11 |      }
12 |    ]
13 | }
```
Keeping the Store and Location fields blank allows Caddy to automatically create a certificate.
Save the file.
Run the following command to restart Ingress:
Command Syntax
```
systemctl restart openit-ingress-api
```

# Add Multiple Site Bindings

Go to the Open iT Ingress configuration directory, which is C:\Program Files\OpeniT\Ingress\configuration by default.
Create a copy of SiteBindings.json and rename the duplicate file to SiteBindings.Override.json.

Open the existing SiteBindings.Override.json, if there is already one.

In the override file, copy the entire site binding section.

For example, copy the contents from line 3 to 11.

SiteBindings.Override.json
| {
|    "SiteBindings":  [
|      { 
|         "Scheme": "http",
|         "Host": "",
|         "Port": "8080",
|         "Certificate": {
|           "Store": "",
|           "Location": ""
|         }
|      }
|    ]
| }

Paste the copied contents at the end of the SiteBindings array.

Add a comma , to separate each site bindings.

SiteBindings.Override.json
| {
|    "SiteBindings":  [
|      { 
|         "Scheme": "http",
|         "Host": "",
|         "Port": "8080",
|         "Certificate": {
|           "Store": "",
|           "Location": ""
|         }
|      },
|      {
|         "Scheme": "http",
|         "Host": "",
|         "Port": "8080",
|         "Certificate": {
|           "Store": "",
|           "Location": ""
|         }
|      },
|      {
|         "Scheme": "http",
|         "Host": "",
|         "Port": "8080",
|         "Certificate": {
|           "Store": "",
|           "Location": ""
|         }
|      }
|    ]
| }
...

Modify the values in the additional site binding(s) as needed.

You may also use the following sections for reference:
- Configure HTTPS with Windows Certificate Store
- Configure HTTPS with an SSL Certificate and Key
- Configure HTTPS using Let's Encrypt
Save the file.
Open the Task Manager.
Go to the Services tab.
Restart the OpeniTIngress service.

Go to the Open iT Ingress configuration directory, which is /opt/openit/ingress/configuration by default.
Create a copy of SiteBindings.json and rename the duplicate file to SiteBindings.Override.json.

Open the existing SiteBindings.Override.json, if there is already one.

In the override file, copy the entire site binding section.

For example, copy the contents from line 3 to 11.

SiteBindings.Override.json
| {
|    "SiteBindings":  [
|      { 
|         "Scheme": "http",
|         "Host": "",
|         "Port": "8080",
|         "Certificate": {
|           "Store": "",
|           "Location": ""
|         }
|      }
|    ]
| }

Paste the copied contents at the end of the SiteBindings array.

Add a comma , to separate each site bindings.

SiteBindings.Override.json
| {
|    "SiteBindings":  [
|      { 
|         "Scheme": "http",
|         "Host": "",
|         "Port": "8080",
|         "Certificate": {
|           "Store": "",
|           "Location": ""
|         }
|      },
|      {
|         "Scheme": "http",
|         "Host": "",
|         "Port": "8080",
|         "Certificate": {
|           "Store": "",
|           "Location": ""
|         }
|      },
|      {
|         "Scheme": "http",
|         "Host": "",
|         "Port": "8080",
|         "Certificate": {
|           "Store": "",
|           "Location": ""
|         }
|      }
|    ]
| }
...

Modify the values in the additional site binding(s) as needed.

You may also use the following sections for reference:
- Configure HTTPS with an SSL Certificate and Key
- Configure HTTPS using Let's Encrypt
Save the file.
Run the following command to restart Ingress:
Command Syntax
```
systemctl restart openit-ingress-api
```