It is possible to setup an SSL in a Windows version of an Ignition server? Everything that I can see in the documentation and other forums is for Linux only.
Iām not really following what youāre saying but hopefully starting here helps you out: https://docs.inductiveautomation.com/display/DOC80/Using+SSL#UsingSSL-EnablingSSL
Sorry should have been more clear in the description. Iām wondering if anyone has successfully setup an SSL certificate with Letās Encrypt on a Windows Ignition Server. All of the literature/examples that I can find are only for Linux.
You absolutely can set up Letās Encrypt on a Windows host - youāll find that most guides follow Linux because itās somewhat simpler to set up, but thereās absolutely nothing stopping you. Itās important to separate a few things:
Letās Encrypt is a new CA (Certificate Authority) and one of/the first CAs to support the ACME protocol - as the acronym implies, itās all about automated certificate management. ACME/LE push towards a new style of short-lived, automatically renewed certs; ālegacyā SSL certs generally last so long (2, 3, 5 years) that itās not worth the effort to automate. By only issuing short lived certs, LE incentivizes automation.
In addition to Letās Encrypt, youāll often see something called certbot - though itās usually not called out as a separate āthingā. certbot is an ACME āclientā, and it absolutely has support for Windows:
https://certbot.eff.org/lets-encrypt/windows-other.html - but, you really just need any ACME client to use Letās Encrypt - certbot is just the āreferenceā implementation. For instance, thereās a variety of IIS implementations: https://letsencrypt.org/docs/client-options/#clients-windows-/-iis
Once you have an ACME client, a lot of the rest of the SSL guide here should still apply - youāll have to change the command line arguments a bit, but the basic process is still the same.
@paul-griffith weāll give it a try as you describe. Many thanks!
I have used Certify the Web successfully on a Win2016 server:
Certify The Web requires Port 80 to be open to validate you domains. I am currently already using a Cert and have HTTPS enabled on the Gateway (have not implemented ACME). How did you configure things to both use Port 80 for Certify domain validation, but keep the Gateway access only using HTTPS? My concern comes from having to expose Port 80 and how to do this securely.