Configuring the Web Server
MetaDefender Kiosk's Management Console relies on a REST interface which runs on HTTP by default. The following can be used to further configure the REST server to harden the system.
Changing the default port
- From the management console navigate to the Security page _(You must be an administrator to view this setting).

_
- Once on the security page you should see a setting called Port (Change this to any port that is valid and click apply).

Setting up HTTPS
By default, communication with the Management Console is not encrypted. If HTTPS is enabled, the server can enforce secure connections between client and server on an SSL channel.
Prerequisites
Kiosk version must be greater than or equal to 4.4.5
Must have a certificate on the kiosk system
If the private key is encrypted you must create a file that contains the passphrase on the system
Note down the file paths for the certificate, private key, and or passphrase file
How to create a self signed certificate (optional)
This is for testing purposes only.
Self signed certificates may have limited functionality due to the nature of self signing.
Using linux terminal
- With Passphrase

Create your passphrase file and enter your passphrase into it
- Without Passphrase
Using git bash
- With Passphrase

Create your passphrase file and enter your passphrase into it
- Without Passphrase
Add your certificate to kiosk
After completing the prerequisites you should have a certificate, and private key on the kiosk
From the management console navigate to the Security page

- Click

- Click

- Fill the required input fields and click


Kiosk will validate these fields and display an error at the top of the screen if an issue is detected. e.g.

- Once the Certificate is added successfully click

Enabling HTTPS
- From the management console navigate to the Security page

Click Enable HTTPS checkbox to select HTTPS
Select the preferred certificate
Choose the preferred TLS settings. (if no options are selected then Kiosk will fall back to default TLS settings)
Click

- The Kiosk will restart its internal components and apply the changes selected.

This process can take approximately one minute to complete

- Once the Kiosk services have restarted a new tab should open that directs to the Kiosk page

If the tab does not automatically open then click the hyperlink on the results page to open the new tab.