Forcing Secure Connections ensures servers in the System only connect to clients using HTTPS to prevent API requests, the server Web Admin interface, and other management traffic (users accounts, device access credentials, etc.) from being intercepted and analyzed.
This setting is enabled by default.
Desktop Client
1.Open Main Menu > System Administration > Security tab.
2.Check the Force servers to accept only encrypted connections checkbox.
3.Apply changes.
1.Open Settings > System Administration > General.
2.Check the Allow only secure connections checkbox.
3.Apply changes.
IMPORTANT: This setting is turned on by default and will affect the following:
•Generic Events should be reconfigured in the external system. All integrations configured to work with HTTP need to be updated and tested.
•API calls – all external systems that use API for integrations should be re-configured to use HTTPS and then tested.
Once HTTPS is enabled, the first time you attempt to log onto a server's web page, the browser may first display warnings that indicate a bad certificate and insecure connection ("Your connection is not private. Attackers might be trying to steal your information..."). This is not the case. The warning is a safety feature due to the self-signed certificate on the server. The connection will in fact be more secure.
Note: To proceed using an HTTPS connection, click on the word Advanced, then click the Proceed to [xxx.x.x.x] (unsafe) link to log in. You should only need to do this the first time the HTTPS connection is established.