Disabling the HTTP port of a Security Center server - Security Center 5.11.2.0 and later

Product
Security Center
Version
5.12
5.11
Language
English
Last updated
2023-11-10

About disabling the HTTP port of a Security Center server

To force the use of HTTPS for all connections to your Security Center servers, you must disable the HTTP port of the server.

About disabling the HTTP port

  • HTTP connections are only used for local server connections. All remote connections to Security Center servers use HTTPS.
  • The HTTP port of a Security Center server cannot be disabled in Server Admin. Instead, you must modify the GenetecServer.gconfig file.
    WARNING: If GenetecServer.gconfig is modified incorrectly, the Server Admin service will be unable to start.
  • There is no indication in Server Admin that the HTTP port is disabled. The port number in the HTTP port field can still be changed, but has no effect.
    The server page in Server Admin with the HTTP port field highlighted.
  • The HTTP port can only be disabled in Security Center 5.11.2.0 and later.

About the GenetecServer.gconfig file

The GenetecServer.gconfig file is found in your Security Center installation folder. The default path is C:\Program Files (x86)\Genetec Security Center 5.x\ConfigurationFiles.

Disabling the HTTP port of a Security Center server

To disable the HTTP port of a Security Center server, you must change a setting in the GenetecServer.gconfig file.

What you should know

If you disable the HTTP port on a Security Center server and the server certificate expires, you might be unable to log in to Server Admin using HTTPS or HTTP. If this occurs, do the following:
  1. Re-enable the HTTP port on the Security Center server.
  2. Update the certificate on the server.
    1. In Server Admin, select the server with the disabled HTTP port.
    2. In the Secure communication section, click Select certificate.
    3. Choose a certificate and click Select.
    4. Click Save.
  3. Disable the HTTP port.

Procedure

  1. Back up the GenetecServer.gconfig file by copying it to another folder.
    By default, the file is located in C:\Program Files (x86)\Genetec Security Center 5.x\ConfigurationFiles.
  2. Open the GenetecServer.gconfig file on your Security Center server.
  3. Do one of the following:
    • If the file contains the <ServerAdminService/> section of code, add an http="false" attribute.
    • If the file does not contain the <ServerAdminService/> section of code, add the following section to the file: <ServerAdminService http="false" />
    Contents of the GenetecServer.gconfig file with the ServerAdminService section highlighted.
    WARNING: If GenetecServer.gconfig is modified incorrectly, the Server Admin service will be unable to start.
  4. Save and close the file.
  5. Restart the Genetec™ Server service.
    1. On the server, open Microsoft Management Console Services (services.msc).
    2. Select Genetec™ Server from the list of services and click Restart.
    Security Desk remains offline until the Genetec™ Server service is running.

After you finish

To verify that the HTTP port has been disabled, try logging in to Server Admin using HTTP. If you are unsuccessful, the HTTP port is disabled and HTTPS must be used to log in.

Re-enabling the HTTP port of a Security Center server

To re-enable the HTTP port of a Security Center server, you must change a setting in the GenetecServer.gconfig file.

Procedure

  1. Open the GenetecServer.gconfig file.
    By default, the file is located in C:\Program Files (x86)\Genetec Security Center 5.x\ConfigurationFiles.
  2. Change the <ServerAdminService http="false" /> section of code to <ServerAdminService/>.
    Contents of the GenetecServer.gconfig file with the ServerAdminService section highlighted.
    WARNING: If GenetecServer.gconfig is modified incorrectly, the Server Admin service will be unable to start.
  3. Save and close the file.
  4. Restart the Genetec™ Server service.
    1. On the server, open Microsoft Management Console Services (services.msc).
    2. Select Genetec™ Server from the list of services and click Restart.
    Security Desk remains offline until the Genetec™ Server service is running.

After you finish

To verify that the HTTP port has been re-enabled, try accessing Server Admin using HTTP. If you are successful, the HTTP port has been re-enabled.