Enforce HTTPS for Experience Platform service roles

Current version: 10.0

Applies to

All XP service roles

Sitecore Installation Framework

HTTPS is enforced by default.

Azure Toolkit

HTTPS is enforced by default.

To enforce HTTPS for any client connecting to an XP service role with a web end point:

  • Open the C:\<Path to xConnect>\App_data\config\sitecore\CoreServices and ensure that the following configuration files are available:

    • sc.XConnect.Security.EnforceSSL.xml

    • sc.XConnect.Security.EnforceSSLWithCertificateValidation.xml


HTTPS is enforced by default. To allow HTTP in a development environment, disable or delete the configuration files in this topic. This is not recommended in a production environment.

Do you have some feedback for us?

If you have suggestions for improving this article,