HOW DO I CONFIGURE BZAS / HOSTFRONT SERVER TO RUN WITH AN SSL-ENABLED WEB SERVER?

August 12, 2010

Introduction

BZAS/HostFront provides a built-in 128-bit encryption support between BZAS/HostFront client ActiveX (Display, Printer, and File Transfer) and the BZAS/HostFront Server. In addition to its built-in encryption, the BZAS/HostFront Client ActiveX (HFDSP.OCX, HFPRT.OCX, and HFFT.OCX) supports SSL secure connections.

This article covers the step-by-step configuration to the BZAS/HostFront for SSL enabled Web Server.

More Information

About Secure Socket Layer (SSL)

The Secure Sockets Layer (SSL) protocol provides a data security layer for HTTP data transfers. This security protocol provides Data Encryption Server Authentication Message Integrity for a TCP/IP connection.

SSL also provides a security handshake used to initiate the HTTP connection. This handshake allows the browser and the web server to agree on the level of security to use and meets any authentication requirements for the connection. Thereafter, SSL’s only role is to encrypt and decrypt the application protocols byte stream (such as HTTP). Which means that the SSL encrypts fully all the information for both the HTTP request and the HTTP response, including:

  • The URL the client requests

  • Any submitted form contents

  • Any HTTP access authorization information

  • All the data returned from the server

An SSL-enabled server can send and receive private communication across the Internet to SSL enabled browsers. However, it has been noted that SSL-encrypted transmissions are slower than unencrypted transmissions.

BZAS/HostFront Server configuration to support the Secure Socket Layer (SSL)

There are two ways to enable the SSL support in BZAS/HostFront server as follows:

  • Installing BZAS/HostFront server with SSL

  • Changing the existing BZAS/HostFront server to SSL

Note: For both the options, please make sure first that the IIS is configured with SSL (https)
Installing BZAS/HostFront server with SSL
Check the “Secure Connection” Tab to enable SSL while installing BZAS/HostFront Server.
For the AS/400 5250

2356image01

For the Mainframe 3270

2356image02

After finishing BZAS/HostFront installation try connecting the BZAS/HostFront Server with the “HTTPS” URL from the Client machine.
Changing the existing BZAS/HostFront server to SSL
Stop all the BZAS/HostFront Server Services in Host Access Manager (HAM) and follow the below given steps:

1. Right Click the Cluster Database and Click Properties

2356image03

2. In Cluster Properties click Server tab

2356image04

3. In Servers windows check the “SSL Enabled” tab, click “OK” to close the Cluster Properties windows and Start all the BZAS/HostFront Server Services.

2356image05

Steps to change the SSL value in below htm files

1. For Mainframe: Axd3270.htm, axp3270.htm, axft3270.htm
For AS/400: Axd400.htm, axp400.htm, axft400.htm
In HAM, click Tools and select HTML Editing Wizard

2356image06

2. In HTML Editing Wizard Welcome window, click Next

2356image07

3. Select “From Servers” tab and click Next

2356image08

4. Type the (.htm )file and select the connection Type as per its related Host

2356image09

5. Change the port value to 443 and click Next

2356image10

6. Click Next

2356image11

7. Select “Propagate the page to server” tab and click Next

2356image12

8. Click Next

2356image13

9. Select all the BZAS/HostFront Server and click Next

2356image14

10. Select “Finish” and click “Next” to close the window.

2356image15

Steps to change the SSL value in below htm.js files

1. For Mainframe: Axd3270.htm.js, axp3270.htm.js, axft3270.htm.js
For AS/400: Axd400.htm.js, axp400.htm.js, axft400.htm.js

2. Open the “HTML Pages Editing Wizard”, type the correct htm.js file, select the Connection Type as per your Host, and click Next

2356image16

3. Change the “CODEBASE =HTTP to HTTPS” and click Next

2356image17

4. Click Next

2356image18

5. Select “Propagate the page to server” tab and click Next

2356image19

6. Click Next

2356image20

7. Select all the BZAS/HostFront Server and click Next

2356image21

8. Select “Finish” and click “Next” to close the window

2356image22

9. Finally, connect the BZAS/HostFront Server with the “HTTPS” URL from the Client machine.

The information in this article applies to all listed Servers including Demo and Setup versions:

– BlueZone Access Server Ver. 5 and higher
– HostFront Server Ver. 5 and higher