4.3.2. Running a ChronoScan Server with SSL

 

To enable SSL for the web interface the WCI_WEB_SERVER service must be created with the parameters below:

 

SC Create "WCI_WEB_SERVER" binPath= "\"C:\Program Files (x86)\ChronoScan\bin\chrono_wci.exe\" -customdir:\"C:\ProgramData\ChronoScan.ENT DEFAULT\" --https-address=0.0.0.0 --https-port=10443 --ssl-certificate=\"C:\SSL CERT\server.pem\" --ssl-private-key=\"C:\SSL CERT\server.key\" --ssl-tmp-dh=\"C:\SSL CERT\dh2048.pem\"

 

Where --https-port=10443 can be changed to the desired port and --ssl-certificate=\"C:\SSL CERT\server.pem\", --ssl-private-key=\"C:\SSL CERT\server.key\" and --ssl-tmp-dh=\"C:\SSL CERT\dh2048.pem\" should point to your SSL certificate files.

Also don't forget to either omit or change the -customdir:\"C:\ProgramData\ChronoScan.ENT DEFAULT\" parameter to match your configuration. If you are not using multiple ChronoScan configurations you can omit the parameter.

 

 

NOTES FOR SSL USERS:

 

2018/08/31     From version 1.0.1.92 SSL ciphers are limited to TLS 1.2+HIGH when SSL is active.