Enforce HTTPS for Experience Platform service roles
Current version: 10.3
Abstract
How to enforce HTTPS for clients connecting to a Sitecore XP Services role with a web end point.
|
Applies to |
All XP service roles |
|
Sitecore Installation Framework |
HTTPS is enforced by default. |
|
Azure Toolkit |
HTTPS is enforced by default. |
To enforce HTTPS for any client connecting to an XP service role with a web end point:
-
Open the
C:\<Path to xConnect>\App_data\config\sitecore\CoreServicesand ensure that the following configuration files are available:-
sc.XConnect.Security.EnforceSSL.xml -
sc.XConnect.Security.EnforceSSLWithCertificateValidation.xml
-
Note
HTTPS is enforced by default. To allow HTTP in a development environment, disable or delete the configuration files in this topic. This is not recommended in a production environment.