Configure SSL or TLS for Analytics Center

To configure SSL or TLS for Analytics Center, ​do the procedure in this topic.

Background and Setup

Prerequisites

Good to Know

  • For security, AgilePoint recommends you use a standard SSL or TLS certificate, and not a self-signed certificate.
  • AgilePoint NX supports any version of SSL or TLS, but limitations to the versions of SSL or TLS you can use in your environnment may apply based on software or systems outside of AgilePoint NX. The following are examples of restrictions that may apply to the SSL or TLS versions that could apply in your environment. However, the specifc rules depend on your specific configuration:
    • AgilePoint Server relies on the version of SSL or TLS that is configured for .NET on your AgilePoint Server machine. For example, by default, .NET 4.7.1 supports TLS 1.2 or higher.

      This configuration can be changed, but any downgrade in the supported version of SSL or TLS can result in security risks. For more information, see the documentation from Microsoft.

    • Outside services, such as Salesforce, may require certificates with higher levels (or specific levels) of SSL or TLS.

      You can test your certificate with several third-party, web-based services—for example, https://www.digicert.com/help/

    • If you want to connect to mobile apps that use iOS 9 or higher, your certificate must use Apple's App Transport Security standard.

      For more information, refer to NSAppTransportSecurity from Apple.

  • The security protocols supported by third-party technologies are subject to change are the responsibility for the associated vendors. These are subject to change without notice from AgilePoint.

If TLS Versions Lower Than 1.2 or Ciphers are Disabled in Your SSL or TLS Certificate, Update the web.config File

If TLS versions lower than 1.2 are disabled or ciphers are disabled in your SSL or TLS certificate, do the procedure in this topic.

Prerequisites

  • TLS versions lower than 1.2 are disabled or ciphers are disabled in your SSL or TLS certificate.

    This is not typical for most AgilePoint NX environments. However, if this applies to your environment, you must complete this step before you configure the HTTPS URL for Analytics Center.

  • Create a backup copy of the file (Analytics Center virtual directory) C:\Program Files\AgilePoint\AgilePointWebApplication\AgilePointReports\AgilePointAnalytics\\web.config.

How to Start

  1. In a text editor, open the file (Analytics Center virtual directory) C:\Program Files\AgilePoint\AgilePointWebApplication\AgilePointReports\AgilePointAnalytics\\web.config.

Procedure

  1. In the web.config file, search for the node system.web.
  2. Remove the comments from the system.web node for targetFramework="4.6".
    <system.web>
      <compilation debug="true" targetFramework="4.6" />
      <httpRuntime maxRequestLength="1048576" targetFramework="4.6" />
      <httpHandlers>
        <add verb="*" type="Nancy.Hosting.Aspnet.NancyHttpRequestHandler" path="api/*" />
      </httpHandlers>
    </system.web>
  3. Comment out the system.web node for targetFramework="4.0".
    <!--
    <system.web>
      <compilation debug="true" targetFramework="4.0" />
      <httpRuntime maxRequestLength="1048576" />
      <httpHandlers>
        <add verb="*" type="Nancy.Hosting.Aspnet.NancyHttpRequestHandler" path="api/*" />
      </httpHandlers>
    </system.web>
    -->
  4. Reset IIS.

Change the URL for Analytics Center to Use HTTPS

To change the URL for Analytics Center to use HTTPS, do the procedure in this topic.

Good to Know

  • The Update URL tab on the Analytics Center Management Utility does not show or retain configuration values. Each time you change configuration values on this screen, you must change all of the configuration values.

    It is recommended that you store your configuration information for Analytics Center in a secure location that is easy to find.

  • The Analytics Center Management Utility will not change any configuration values unless values for all of the configuration fields are complete.

How to Start

  1. On the AgilePoint Server machine, right-click the file (Analytics Center Management Utility installation folder) C:\Program Files\AgilePoint\AgilePointServer\Master_Analytics\bin\AgilePoint.Analytics.Management.exe, and click Run as administrator.

    AgilePoint Analytics Management Application Path
  2. On the Analytics Management Utility, click the Update URL tab.

    AgilePoint Analytics Center Management Utility screen

Procedure

  1. On the Starter Pack For Analytics Center tab, complete these fields:

    Starter Pack For Analytics Center tab
    Field NameDefinition

    Analytics API URL

    Description:
    Specifies the runtime URL for Analytics Center in your environment, followed by /api.
    Allowed Values:
    Analytics Center URL, followed by /api in this format:

    [Your AgilePoint NX Portal URL]/AnalyticsCenter/api

    Default Value:
    None
    Example:
    https://myagilepointnxdomain.com/AnalyticsCenter/api

    The domain name for the production environment changes based on the configuration of your environment.

    AgilePoint Server REST URL

    Description:
    Specifies the REST URL for your AgilePoint Server instance.

    For more information, refer to Find your AgilePoint Server Instance REST URL.

    Allowed Values:
    [Your AgilePoint NX Portal URL]/AgilePointServer
    Default Value:
    None
    Example:
    • https://myagilepointnxdomain.com/AgilePointServer

      The domain name for the production environment changes based on the configuration of your environment.

    AgilePoint Portal URL

    Description:
    Specifies the AgilePoint NX Portal Instance URL.

    For more information, refer to Find your Portal Instance URL

    Allowed Values:
    An AgilePoint NX Portal instance URL.
    Default Value:
    None
    Example:
    https://myagilepointnxdomain.com

    The domain name for the production environment changes based on the configuration of your environment.

    AgilePoint Portal Web.Config

    Description:
    Specifies the location of the configuration file for AgilePoint NX Portal.
    Allowed Values:
    The web.config file for AgilePoint NX Portal.

    Click the Ellipses button, and browse the file:

    (NX Portal installation folder - v8.0 and lower) C:\Program Files\AgilePoint\AgilePointWebApplication\AgilePointPortal\web.config

    Default Value:
    None

    Workflow DB Connection String

    Description:
    Specifies the connection string to connect to the workflow database for AgilePoint NX.

    For more information, refer to Find your Workflow Database Connection String.

    Note: AgilePoint Analytics supports a logical multi-tenant architecture, and AgilePoint Sever is based on a physical multi-tenant architecture. Because of this, the workflow databases are separate for each tenant, but the Analytics database is shared across all tenants.
    Allowed Values:
    A connection string for the workflow database.
    Default Value:
    None
    Example:
    • application name=AgilePoint Server;server=SQLServerName;database=AP_Workflow_DB;trusted_connection=yes
    • application name=AgilePoint Server;Server= SQLServerName;database=AP_Workflow_DB;User ID=bobsmith;Password=pass1234;

    Analytics DB Connection String

    Description:
    Specifies the connection string to connect to the Analytics database.
    Note: AgilePoint Analytics supports a logical multi-tenant architecture, and AgilePoint Sever is based on a physical multi-tenant architecture. Because of this, the workflow databases are separate for each tenant, but the Analytics database is shared across all tenants.
    Allowed Values:
    A connection string for the Analytics database.

    The connection string must be in a specific format for this field.

    Values identifying the database server:

    • application name=AgilePoint Server

      This value is a literal constant. It must not be changed.

    • server=[the name of the database server for AgilePoint NX]

      Complete this value with your database server name.

    • database=[the name of your Analytics Center database]

      The name of your Analytics Center database. By default, this value is AP_Analytics_DB.

    Values identifying the connection credentials:

    • Either enter this value for a trusted connection:
      • trusted_connection=yes
    • Or enter these values to use specific authentication credentials:
      • User ID=[database user name]
      • Password=[database user password]

    This results in 2 possible formats for the Analytics Center connection string entered in this field, which are both different from the connection string value in the Analytics Center configuration file:

    • application name=AgilePoint Server; server=[the name of the database server for AgilePoint NX]; database=[the name of your Analytics Center database]; User ID=[database user name]; Password=[database user password];
    • application name=AgilePoint Server; server=[the name of the database server for AgilePoint NX]; database=[the name of your Analytics Center database]; trusted_connection=yes;
    Default Value:
    None
    Example:
    • application name=AgilePoint Server;server=MyDatabaseServer;database=AP_Analytics_DB;trusted_connection=yes;
    • application name=AgilePoint Server;Server=MyDatabaseServer;database= AP_Analytics_DB;User ID=bobsmith;Password=pass1234;
  2. Click Update.
  3. Reset IIS.
  4. In AgilePoint Server Manager, restart your AgilePoint Server instance.

Test the HTTPS URL for Analytics Center

To test the HTTPS URL for Analytics Center, do the procedure in this topic.

Figure: 404 - Not Found screen

404 Not Found screen

Procedure

  1. In a web browser, open HTTPS URL for the Analytics Center 404 error page.

    Format:

    https://[fully qualified domain name]/AnalyticsCenter/api/404

    Example:

    https://nxone.com/AnalyticsCenter/api/404