Best way to determine if SMP is used with https
Hi,
we´re looking for a way to determine, if the System Management Portal (SMP) is only accessible through ssl/tls -> https. One of our applications send daily reports via email and places some dynamically created links within it. The application runs on the instance being monitorred (Ensemble-Productions).
Since we migrate some of our customers systems to use https for the SMP connection, we need to generate those links with https:// instead of http://. Our application is characterized as kind of a lib so we use it for many of our clients systems.
Is there a safe way to programmitically determine if the system which runs our tool is only accessible (at least the SMP) by https. Our first idea was to lookup an exisiting, activated SSL/TLS configuration named '%SuperServer' but this tends to be not to be what we exactly need.
What about examine the current webservers (standalone CSP-Gateway, built-in CSP Gateway) config. At least there the use of SSL/TLS for connections is defined.
Any suggestions would be appreciated.
best regards,
Sebastian
Hi Sebastian,
you can request the SMP login page (etc.) from time to time by https or http to see what is working.
Let me know if that is what you are asking for. Feel free to open a WRC problem so we can discuss this further on the phone, etc.
Kind regards,
Bernd
Hi Sebastian,
How do you currently determine SMP URL? Usually web server configuration is external to Cache, so there are not many options except asking user to enter SMP URL manually. That's what InterSystems is doing when connecting from external tools like Studio as well.
Any attempt to be smart about it will sooner or later cause you problems with exotic setups like load balancers, external web servers on separate machines, etc etc
Cheers
Sergei
If you're actually installing/configuring SSL for your customers, why not simply redirect HTTP to HTTPS on the external web server?
Hi,
thank you for your ideas and thoughts provided. Especially the points Sergej mentioned in terms of exotic configurations seem to be noticable. On the other hand requesting SMP login page from time to time seem to be a good approach. We´ll open a ticket for that because this seems to be a good approach.
best regards,
sebastian