Securing Access to Responder Web

This optional configuration allows you to host the entire Responder Web application using HTTPS.

Setting up HTTPS

  1. Browse to the web.config file at this location: C:\Inetpub\wwwroot\Responder.
  2. Open Web.config. You can edit the file by opening it in an XML application (such as XML Spy) or by opening it in a simple text editing program (such as Notepad).
  3. Insert the following two options in the appSettings section, if not already added, to disable URL path inspection:
    <add key="secureByUrls" value="false"/>
    <add key="undoUrlSecuring" value="false"/>
  4. Save and close Web.config.
  5. Set up IIS to require HTTPS for communication to the entire application:

Configure Switch Order Request Support for HTTPS

The following configuration allows support of Switch Order requests with HTTPS. This configuration is applied by default during installation. These configurations are done to inetpub\wwwroot\responder\web.config.
  1. To make changes to the configuration for Switch Order requests with HTTPS, first locate the default code below:
    <bindings>
              <basicHttpBinding>
                <binding name="secureHttpBinding">
                  <!-- set mode="None" for http -->
                  <!-- set mode="Transport" for https -->
                  <security mode="None">
                    <!-- set clientCredentialType="None" for the Forms authentication -->
                    <!-- set clientCredentialType="Windows" for the Windows authentication -->
                    <transport clientCredentialType="None"/>
                  </security>
                </binding>
              </basicHttpBinding>
            </bindings>
  2. The following changes can be made to the code according to your organization’s needs:
    • If you are using Windows Authentication, the transport clientCredentialType needs to be changed to Windows.

    • If you are using HTTPS, the security mode needs to be changed to Transport.

QR code for this page

Was this helpful?