KBI 311975 Argent Omega Supports Secure HTTPS Web GUI
Version
Argent Omega 2.2.2202.11 and above
Date
Thursday, 3 March 2022
Summary
This article describes Argent Omega improved support for secure HTTPS web GUI.
Technical Background
In default setting, Argent Omega web GUI is accessible via http://server_name:6100.
Before enabling HTTPS support for Argent Omega web GUI, navigating via HTTPS protocol will returns the following error.
Argent Omega comes with NGNIX web server service that can be optionally enabled to receive secure HTTPS communication for Argent Omega’s web GUI.
Enabling Argent Omega Secure HTTPS Web GUI
First, locate the following file and create backup.
Drive:\Argent\ArgentOmega\ArgentOmegaMain.exe.config
Edit the above configuration file, as below
From <add key=”nginx” value=”—disable-nginx-1.17.10″ />
To <add key=”nginx” value=”nginx-1.17.10″ />
Upon completion, save edit and restart Argent Omega service.
Wait for one minute to allow service restart to complete.
Argent Omega is now enabled for secure HTTPS communication.
Navigate to Argent Omega web GUI via HTTPS protocol, for example, https://localhost:6100
An error will be displayed if certificate was not added to Trusted Root Certification Authorities on client machine, for example.
The above error is not an issue, as Argent Omega comes with self-signed certificate which require adding to client machine’s Trusted Root Certification Authorities.
Customer can safely bypass the warning, proceed to the web GUI.
Argent Omega web GUI will be displayed properly using secure HTTPS protocol.
The Argent Omega Self-Signed Certificate
Argent Omega comes with self-signed certificate which can be reported by web browser as an invalid certificate, as example below.
It is completely normal as self-signed certificate typically does not contain all attributes required for web browser’s validation on SSL certificate.
Common reasons behind SSL Certificate Error on Google Chrome are listed below.
1. The System Time is not the real-time.
2. The SSL certificate has Expired.
3. Google Chrome is not updated.
4. The SSL certificate is not Installed properly.
5. The SSL certificate is not issued by a Trusted Certificate Authority (CA) or a self-signed certificate is used to secure a website.
6. The website is secured with an outdated 128-bit SSL.
7. The website is secured with an outdated SHA-1 Algorithm.
8. Untrusted SSL Client Certificate error.
Certificate purchased from SSL certificate vendor like Verisign, Sectigo will be seen as valid SSL certificate.
Argent Omega Supports Customer Supplied SSL Certificate
Argent Omega certificate folder is Drive:\Argent\ArgentOmega\CERT
Certificate file has extension *.CRT
Private key file has extension *.KEY
For customer want to their own certificate, copy the certificate and private key to the above folder.
Ensure certificate and private key are named the same, with corresponding file extension.
For example
Next, edit file Drive:\Argent\ArgentOmega\ArgentOmegaMain.exe.config
Using the “MyCertificate” example, certificate does NOT have password protection, edit as below
From <add key=”ssl_certificate” value=”self-signed” />
To <add key=”ssl_certificate” value=”MyCertificate” />
Optionally, if certificate is password protected, add below syntax
<add key=”ssl_certificate_pass” value=”MyCertificate_password.txt” />
Ensure password is correctly saved in MyCertificate_password.txt and file is located in the same folder as the certificate and private key.
Multiple certificate and private key files can be retained in the CERT folder.
However, ensure only define ONE certificate is referenced in the ArgentOmegaMain.exe.config.
Ensure Argent Omega service restart after the above edit.
Validate by opening Argent Omega web GUI via HTTPS protocol.
Example of a Custom SSL Certificate
Resolution
Upgrade to Argent Omega 2.2.2202.11 or above.