Configuring Backup My Org to Run as HTTPS

Prerequisite: Ensure your certificate is generated with the MAC option for your SSL certificate.

Option 1: Using an existing IIS PFX Certificate (RECOMMENDED)

  1. Export the certificate from IIS:
    a. From your Start menu, open “Internet Information Services (IIS) Manager
    b. Click on the server name in the "Connections" pane (located left-hand side) 
    c. In the middle pane, double-click on "Server Certificates"
    d. Select the certificate you want to export
    e. Click "Export" in the "Actions" pane (located on the right-hand side)
    f. Follow the wizard to export the certificate as a .pfx file (Note: remember the passphrase you specified to protect the cert)
    g. Export the PFX to your GEO Jobe product’s main folder
    (Note: if you don’t have an export option you may need to re-import the certificate to IIS with the allow export option)

 

  1. Open the command prompt and navigate to the BackupMyOrg main directory and insert:

backupmyorg pfx <INSERT PASSPHRASE HERE>

(Note: This will save the passphrase as an encrypted string in the MongoDB database.)

 

  1. In the product’s main application directory, locate the config/nodeconfig.json and make the following modifications in the JSON file:

    "useHTTPS": true,  "certs": {     "certificate": "",     "key": "",     "pfx": "ADD PFX FILE NAME HERE"   },

(Note: If you are using an absolute path in your nodeconfig.json, be sure to use double backslashes, such as "C:\\BackupMyOrg\\Certificates\certificate.pem"

 

  1. Restart your Backup My Org server app or service.

    1. https://localhost:8500 or https://yourwebdomain:8500 (for Backup My Org)

 


Option 2: Using a key and pem file

  1. Both a certificate and key .pem file are required. (If you need to generate these, you can do so by downloading OpenSSL at: https://slproweb.com/download/Win64OpenSSL_Light-3_4_0.msi

  2. Open the command prompt in Windows.

  3. Run the following commands to generate your private key and public certificate:

openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 365 -out certificate.pem openssl x509 -text -noout -in certificate.pem
  1. Once you have the cert and key files, copy them to your Backup My Org main folder.

  2. Edit the config/nodeconfig.json file and make the following modifications:

  1. Restart your Backup My Org server app or service.

    1. https://localhost:8500 or https://yourwebdomain:8500 (for Backup My Org)

 

See A "Not Secure" Warning On Your Browser?

If you have created a self signed certificate, those will always appear as not trusted.

You will need to buy a certificate from a trusted source (such as Verisign) to have a signed certificate from an authority.

 

10.18.2024 4.png

 

 


Option 3: Convert an existing IIS Certificate into a key/pem

To convert an IIS certificate to a .key and .pem format for use in Backup My Org you can follow these steps:

  1. Export the certificate from IIS:
    a. From your Start menu, open “Internet Information Services (IIS) Manager
    b. Click on the server name in the "Connections" pane (located left-hand side) 
    c. In the middle pane, double-click on "Server Certificates"
    d. Select the certificate you want to export
    e. Click "Export" in the "Actions" pane (located on the right-hand side)
    f. Follow the wizard to export the certificate as a .pfx file (remember the password you specified to protect the cert)
    (Note: if you don’t have an export option you may need to re-import the certificate to IIS with the allow export option)

 

  1. Convert the .pfx file to a .pem file using OpenSSL:
    a. Install OpenSSL on your computer if it is not already installed (Windows version can be found at: Win32/Win64 OpenSSL Installer for Windows - Shining Light Productions
    b. Copy the .pfx file to the OpenSSL /bin folder
    c. Open a command prompt or terminal window
    d. Navigate to the openSSL bin directory
    e. Run the following command (changing exported cert name as necessary):

This command will prompt you for the password you used to protect the .pfx file. Enter the password and press Enter. The command will create a .pem file in the same directory as the .pfx file.

 

  1. Extract the private key from the .pem file using OpenSSL:
    a. Run the following command in the same directory where the .pem file is saved:

This command will extract the private key from the .pem file and save it as a separate .key file in the same directory.

 

  1. Copy the .pem and .key to the application directory and configure config/nodeconfig.json
    a. Copy the new .pem and .key file to your application root directory
    b. Open <application directory>\config\nodeconfig.json
    c. Modify the settings as follows (changing names as necessary):

 

  1. Restart the Backup My Org server and open the browser using HTTPS location.

If you encounter any issues completing these steps, please contact support@geo-jobe.com for assistance.


Related Articles:

Configuring Admin Tools to run as HTTPS

Configuring Clean My Org to run as HTTPS