Enforce HTTPS for Experience Platform service roles
Abstract
How to enforce HTTPS for clients connecting to a Sitecore XP Services role with a web end point.
Applies to | All XP service roles |
Sitecore Installation Framework | HTTPS is enforced by default. |
Azure Toolkit | HTTPS is enforced by default. |
To enforce HTTPS for any client connecting to an XP service role with a web end point:
Open the
C:\<Path to xConnect>\App_data\config\sitecore\CoreServicesand ensure that the following configuration files are available:sc.XConnect.Security.EnforceSSL.xmlsc.XConnect.Security.EnforceSSLWithCertificateValidation.xml
Note
HTTPS is enforced by default. To allow HTTP in a development environment, disable or delete the configuration files in this topic. This is not recommended in a production environment.