Web Server Communication

By default, Archer web clients communicate with the Archer Web Server (IIS) over one of two ports:

HTTP using default port 80
HTTPS using default port 443

These web clients include:

Archer web user interface
Third-party web applications, which are applications provided by the customer that use Archer web APIs (SOAP and REST)
Certain data feeds, for example, RSS and Threat Intelligence

Enable web server communication using HTTPS and disable the HTTP service. In addition to providing encryption of data in transit, HTTPS allows the identification of servers and, optionally, of clients, by means of digital certificates. To enable HTTPS, update the following three components:

IIS
Archer web.config
Archer Control Panel

For more information, see Authentication Configuration.

While HTTPS is recommended and helps prevent man-in-the-middle attacks, consider the following when enabling HTTPS and disabling HTTP:

Redirecting connections from an unsecured HTTP port to a secured HTTPS port can cause your application to be vulnerable to these types of attack. Redirecting connections is not a complete disablement of the HTTP port.
Disabling HTTP without ensuring that the SSL certificate is in the trusted certificate store displays an error message.
Disabling HTTP causes the SOAP API forms to become non-functional. These forms only accept HTTP Post.

Use TLS 1.2 to secure the HTTP communication between Archer web clients and the Archer Web Server. Secure this communication by configuring HTTPS connections between the client and the IIS web server.

For information on Microsoft recommendations, see the Microsoft Knowledge Base.

ADDRESS	ABOUT ARCHER	CUSTOMERS
13200 Metcalf Ave	Events	Archer Academy
Suite 300	Resources	Archer Exchange
Overland Park, KS 66213	Services	Support
	About Us	Archer Community