Setting up HTTPS (secure HTTP) for IPS Server

IPS Server is initially installed in (insecure) HTTP mode, and Quorum Software recommends the immediate re-configuration to HTTPS (secure HTTP) mode, as explained in this section. A trusted certificate (backed by a standard Certificate Authority) or a self-signed certificate may be used. Only trusted certificates should be used in a production deployment.

For version 16.5 Update 29 and earlier: IPS Server is not compatible with certificates that have private keys based on the CNG ('Cryptography API: Next Generation') storage provider. (If you try to install such a certificate then IPS Server will typically give the installation error: "Current user has no access to the certificate's private key".) A legacy storage provider option must be used instead.

Important for version 16.5 Update 4 and earlier: The change from HTTP to HTTPS mode invalidates license files (for both IPS Server and Product licensing) which have 'http' in the URLs, and you must have additional license files with 'https' in the server URLs. The change doesn't affect product licensing that is based on an external license server.

For version 16.5 Update 5 and later: License files are not validated or rejected due to changes in the protocol (HTTP/HTTPS) or port number of the machine where a license file has been uploaded.