SalesAnywhere supports HTTPS to secure communication between the SalesAnywhere program and the web service by encrypting the data transferred on the network.  If you use SalesAnywhere to access the web service through the internet (as opposed to within an intranet or connecting to the office network through Virtual Private Network), you should enable HTTPS.

There are a few extra installation steps to enable HTTPS support on the web server.  You also need to purchase a digital certificate from 3rd party certificate vendors.

Before you begin

Before you can purchase and install a server certificate, you must be able to:

• Have full access to the settings of the domain name server (DNS) of your company’s domain registration.
• Set up DNS record for the server that is going to host the SalesAnywhere web service.
• Have a static IP address assigned by your internet service provider to the server, or set up your company’s firewall to forward web service requests to the server.

Contact your IT administrator if you are unsure of, or do not have rights to the above.

Creating a Certificate Request in IIS

• On the server, run Internet Information Services (IIS) Manager.
• Select Server Certificates on the home page.

• On the Actions list on the right, select Create Certificate Request…
• Supply details of the web server and company on the Create Certificate screen.

• You need to supply the following details
  • Common name – this is the Fully Qualified Domain Name of the server and the name must be accessible on the internet to access the server.  This name must match the server name used by the SalesAnywhere program to access the server.
  • Organization – The office company name
  • Organization unit – The department within the company
  • City/locality – City of the company.  Do not use abbreviations.
  • State/province – State or province.  Do not use abbreviations.
  • Country/region — Select from the standard list of countries.
• Select Next to complete the certificate request and save it into a file.

Obtaining a server (SSL) certificate

You can obtain a server (SSL) certificate through one of the certificate issuers.  Some examples are:

• GoDaddy
• Symantec

The cost and steps will be different for different publishers.  Follow the steps outlined by your issuer of choice.  Below is the typical process:

1. Create an online account with the publisher
2. Submit a request for a server (SSL) certificate.  You will need to submit the Certificate Request file generated in the previous step.
3. The issuer will verify that you have ownership of the company domain.  This might involve:
   • Adding a new page to your company’s public web site.
   • Changing DNS records to prove ownership of the domain registration,
   • etc.
4. Once approved, you will receive a certificate file.

Installing the certificate on the web server

Once the certificate is issued, you can install it on the web server.

• Run IIS Manager on the web server.
• On the home page, select Server Certificates.
• In the Actions list on the right side, select Complete Certificate Request…

• Provide the file obtained from the certificate issuer, and give a friendly name to identify the certificate.  Make sure you select Web Hosting as the certificate store.
• Select OK to install the certificate on the server.

Enable HTTPS on the Default Web Site

Once a certificate is installed on the web server, you need to enable HTTPS for the web site.

• In IIS Manager, select Default Web Site.
• On the Actions list on the right, select Bindings…

• Click Add…

• Select https as the type.  The port number will default to 443.  In the SSL certificate list, select the friendly name of the certificate installed on the server.  Click OK.

The server can now accept HTTPS connections.