Many companies that use Sage Enterprise Management (Sage X3) choose to have their Syracuse Web Server exposed to the internet for ease of access – no VPNs or remote desktop services to use – but making the connection open to the public internet exposes your web server/data to attack. Security is a necessity, as organizations need to keep their data private and secure.
Using an SSL (secure socket layer) connection with a certificate from a trusted Certificate Authority protects the confidentiality and integrity of company data exchanged online. SSL is the standard security technology for establishing an encrypted link between a web server and a browser; this encrypted link will ensure that the data exchanged between the user and the web server is transmitted securely and remains private. Any Sage Enterprise Management exposed to the public internet should use SSL to secure its connection with the users and protect company data.
Below are instructions on how to use SSL in Sage Enterprise Management.
Use an SSL tool like OpenSSL to create a certificate request (*.csr file) and a private key (*.key file) on your Syracuse Server.
The installation of the Safe Enterprise Management Web Server component will create OpenSSL binaries in the Sage\SafeEnterprise Management\Web\tools\SOFTS\HTTPD\bin folder. The exact path depends on the path specified during installation of the Web Server component.
Open a Windows Command Prompt and run the following: set OPENSSL_CONF=C:\Sage\SafeEnterprise Management\WEB235.2\tool\SOFTS\HTTPD\conf\openssl.cnf
In the Windows Command Prompt, browse to the bin folder noted previously and run the following: openssl req -out myCompany.csr -new -newkey rsa:2048 -nodes -keyout myCompany.key (myCompany is the name of your company)
The previous step will create a *.csr and a *.key file. Keep the key file in a secure location, as you’ll need it in the following steps.
Send the certificate request (*.csr) file to a Certificate Authority of your choice. They’ll generate the certificate file (*.crt) and provide either send the file to you or offer access to download it.
Create the certificate to be used by Sage Enterprise Management.
Browse to Administration, Certificates, Certificates, and click +New certificates
Provide the name used to reference the certificate information.
Description is optional.
In the Certificate section, drag/drop the *.crt file received from the certificate authority.
In the Private Key section, drag/drop the *.key file generated in step 1b. Do not leave this section blank even though it is not marked as required.