Please review this guide to run Backup My org or Clean My Org as HTTPS:
...
Export the certificate from IIS:
a. Open the IIS Manager
b. Click on the server name in the "Connections" pane (located left-hand side)
c. In the middle pane, double-click on "Server Certificates"
d. Select the certificate you want to export
e. Click "Export" in the "Actions" pane (located on the right-hand side)
f. Follow the wizard to export the certificate as a .pfx file (Note: remember the passphrase you specified to protect the cert)
g. Export the PFX to the BackupMyOrg/CleanMyOrg main folder
(Note: if you don’t have an export option you may need to re-import the certificate to IIS with the allow export option)- Open the command prompt and navigate to the BackupMyOrg/CleanMyOrg directory and type:
backupmyorg pfx <passphrase>
OR
cleanmyorg pfx <passphrase>
(Note: This will save the passphrase as an encrypted string in the MongoDB database.) - In the main application directory, edit the config/nodeconfig.json file and make the following modifications:
Note: If you are using an absolute path in your nodeconfig.json file, be sure to use double backslashes, such as "C:\\BackupMyOrg\\Certificates\certificate.pem" or "C:\\CleanMyOrg\\Certificates\certificate.pem"
"useHTTPS": true,
"certs": {
"certificate": "",
"key": "",
"pfx": "<name of your PFX file>"
}, - Restart your CleanMyOrg server app or service, then load https://localhost:8500 or https://yourwebdomain:8500 (for BackupMyOrg) or https://localhost:8000 or https://yourwebdomain:8000 (for Clean My Org) in your browser.
...
- Both a certificate and key .pem file are required. (If you need to generate these, you can do so by downloading OpenSSL at https://slproweb.com/download/Win64OpenSSL_Light-3_2_0.msi)
- Open the command prompt in Windows
- Run the following commands to generate your private key and public certificate:
openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 365 -out certificate.pem
openssl x509 -text -noout -in certificate.pem - Once you have the cert and key files, copy them to your BackupMyOrg or CleanMyOrg main folder
- Edit the config/nodeconfig.json file and make the following modifications:
- “useHTTPS”: true,
- “certificate”: <name of your certificate.pem file>,
“key”: <name of your key .pem file>
Note: If you are using an absolute path in your nodeconfig.json file, be sure to use double backslashes, such as "C:\\BackupMyOrg\\Certificates\certificate.pem" or "C:\\CleanMyOrg\\Certificates\certificate.pem" - Restart your CleanMyOrg server app or service, then load https://localhost:8500 or https://yourwebdomain:8500 (for BackupMyOrg) or https://localhost:8000 or https://yourwebdomain:8000 (for Clean My Org) in your browser.
...
Info | ||
---|---|---|
| ||
If you have created a self signed certificate, those will always show up as not trusted. You will need to buy a certificate from a trusted source (such as Verisign) to have a signed certificate from an authority. |
Option 3: Convert an existing IIS Certificate into a key/pem for use with BackupMyOrg / CleanMyOrg
...