By default, communications are unencrypted for the Genetec™ Security Center - Software House CCURE 9000 Access Control
Proxy Service.
After putting the SSL certificate on the CCURE 9000 server, you must configure
the proxy service to encrypt communications by using the GenetecCCUREPlugin
certificate.
What you should know
The proxy configuration file contains connection configurations (service bindings) for
both unencrypted and encrypted communications. Only one can be enabled at a time.
IMPORTANT: The plugin server and the proxy service must both use the same type of
communications; either encrypted or unencrypted. If the proxy is encrypted and the plugin
server is not, the plugin cannot operate. To minimize downtime, you must update the
configuration on both the proxy service and the plugin server at the same
time.
Procedure
-
On the CCURE 9000 server, find the
Genetec.NextGenConnectedProgram.Plugin.Service.exe.config
file.
By default, the file is in C:\Program Files
(x86)\Tyco\CrossFire.
-
Make a backup copy of the configuration file.
-
Open the configuration file in Notepad.
-
Find the following line:
<service
name="Genetec.NextGenConnectedProgram.Plugin.Service.AccessControlService">
.
The configuration file contains two
<service>
tags:
- The first
<service>
tag (shown in blue) provides the
instructions for unencrypted communications.
- The second
<service>
tag (shown in green) provides the
instructions for encrypted communications and is deactivated by comment tags
<!-- -->
.
-
Deactivate the unencrypted service instructions by surrounding the first
<service
and </service>
tags with comment tags
<!-- -->
.
Tip: The first service tag contains bindingConfiguration=
"AccessControlServiceConfiguration"
-
Enable encryption by removing the comment tags
<!-- -->
from the
second service instructions.
Tip: The second service tag contains
bindingConfiguration="AccessControlServiceConfiguration_Encrypted"
The following side-by-side example shows the configuration file when it is set for
unencrypted communications (left) and for encrypted communications (right). The comment
tags in the example are highlighted in yellow.
-
Save the configuration file.
-
Restart the proxy service to apply the configuration changes.
Open the Windows Services management console (services.msc), and then restart
Genetec Security Center CCURE Proxy Service.
IMPORTANT: All plugins in your system that are unencrypted are now unable to
communicate with the CCURE 9000 server.
-
If the proxy service does not restart, try the following: