Setting Up SSL
SSL (Secure Sockets Layer) is a security protocol that encrypts the server-client data channel. In Sisense, SSL secures the link between the Sisense server, specifically the IIS web server included in the Sisense installation, and the clients’ browsers (where dashboards are created and viewed). With SSL in place, you can access Sisense via an HTTPS secure connection, which is password protected. This is recommended when you want users to be able to access dashboards from outside the organization.Note: Configuring SSL on your Sisense server and in your IT environment should be performed by an IT Specialist or Web Administrator.
The following prerequisites and steps are required for setting up SSL in Sisense:
- Make sure your Sisense instance is using the IIS web server and not the default IIS Express server. You can check this by verifying the following settings:
- Open your IIS Manager from the Windows Start menu. (The name of the IIS Manager may differ between different versions of Windows.)
- Expand the server, and under Sites, you should see SisenseWeb or PrismWeb sites.
Open your Control Panel, and open Administrative Tools > Services. Verify that the SisenseWeb.Express (Prism.WebExpress for earlier versions) does not appear in the list of services.
If you need help moving over from IIS Express to IIS, click here.
- Install a valid SSL certificate on your IIS server.
- In your IIS Manager, add HTTPS to the Site Bindings settings. Right-click your web site and select Edit Bindings… Click Add, and select HTTPS, and the IP Address. The default port for HTTPS is 443.
Note: You must maintain at least one non-HTTPS port bound to the website, which Sisense uses for internal communication. You can still restrict external traffic over this port through your firewall settings.
- If your organization is rerouting HTTP requests to HTTPS, directly to your web server, please consult your IT specialist for the correct binding and routing configuration.
- After completing the above steps, the Sisense Web site will answer for both secure and non-secure requests (HTTP & HTTPS). If you want your users to be automatically redirected to the HTTPS session, please read the instructions in this support post.
If you use a reverse proxy or load balancer:
Navigate to the following folder: “C:\Program Files\Sisense\PrismWeb\AnalyticalEngine\dist\config” and open the production.json file with a text editor.
Add the line “baseUrl”: “XXXXXXXXXXXXX”, before the line “forkEnable”, after the bracket where XXXXXXXXXXXXX should be replaced with the URL of the Sisense server, followed by a comma. Note: If your baseUrl is not on port 80, the URL should include the port number, for example, “http://localhost:8081” or “http://yourdashboardsite.com:8081”. Do not replace the value of Port in the config file with the baseUrl’s port number. In addition, do not modify the values of “forkEnable” or “Port” when attempting to configure secure connections for exporting tables to Excel.
- Restart the IIS service.
- To enable HTTPS in the URL links for your shared dashboard reports and email invites, you must enable SSL in your System Configuration settings.
- In your Sisense Web Application, click Admin and select Settings.
- Toggle the SSL switch to on.
- Click Save.