Note : All Interfaces are documented in Reseller Help.
Back Office >External Applications > NetPOS.Net Tray Icon > System Tray Icon
Description
This document outlines the configuration required in order for SwiftPOS Touch Terminals and NetPOS.Net to communicate with each other via HTTPS instead of HTTP.
To Be Considered
- Performance - Enabling HTTPS communication will have a negative impact on performance because more data will have to be sent and received compared to HTTP. Before enabling HTTPS you should understand the impact this has by measuring not only the change in network traffic but also any changes in latency.
- Do you really need HTTPS? - Consider whether you really need to secure the communication channel between SwiftPOS Touch Terminals and NetPOS.Net before enabling HTTPS. If your terminals and NetPOS.Net are all located within the same local area network which is separated from any public WIFI networks, or your terminals and NetPOS.Net are connected via VPN then you may not gain much security by enabling HTTPS.
- Maintenance Period - If you have a lot of touch terminals then you will need to schedule a suitable maintenance period in order to enable HTTPS. NetPOS.Net will be unavailable during most of the configuration and all terminals will fail to communicate with it after the configuration is complete, until such a time that all of the terminals have also been configured to communicate via HTTPS.
- Advanced Configuration - A number of the steps required to configure NetPOS.Net to communicate via HTTPS are quite advanced and as such the configuration changes should only be made by someone with relevant experience.
- SSL Certificate - In order to use HTTPS with NetPOS.Net you will need to obtain and install an SSL certificate on the server where NetPOS.Net is installed. An untrusted self signed certificate cannot be used. Do not proceed with the configuration changes unless you have a suitable certificate to use.
Configuration
- If NetPOS.Net is currently running then stop the service by right clicking the tray icon and clicking Stop.
- Right click the system tray icon then click General Settings.
- Tick the Use SSL checkbox then click Save and Close.
- Create a port reservation by opening an elevated command prompt and then executing the following command: netsh http add urlacl url=https://+:10101/ user=EVERYONE. Please note that you should replace 10101 with the port number of NetPOS.Net if you don't run it on the default port number. The screenshot below displays the message you will receive if the port reservation was successfully created.
- With the command prompt still open, execute the following command: certmgr.msc.
- Locate the certificate that you obtained and installed prior to making and of the configuration changes mentioned in this document. It will most likely be located under Trusted Root Certification Authorities >> Certificates.
- Right clik the certificate then click Open.
- Select the details tab then scroll down and select Thumbprint.
- Assign the certificate to the port reservation by executing the following command from the command prompt: netsh http add sslcert ipport=0.0.0.0:8000 certhash={THUMBPRINT} appid={77ba29fd-9f7a-45b0-8d7e-1ee5d879951b}. Replace {THUMBPRINT} with the thumbprint of your certificate, without including the {}, eg: 00000000000012d9cd34315bb56d78c08da590. The screenshot below displays the message you will receive if the port reservation was successfully created.
- Start NetPOS.Net by right clicking the system tray icon then click Start.
- With SwiftPOS Touch running, open the setting form and select Customers.
- Click the Secured checkbox then click Refresh Interface List. If everything was configured correctly then the interface list should have refreshed without error.
- Click OK to save the changes and then perform a member lookup to verify everything is working correctly.
Related Topics