So like most, security is something we all continuously work on to improve. Recently, I had to update the SSL certificate on my primary Orion server and I took the opportunity to put in a 301 redirect to push all the traffic to Port 443 rather than Port 80. I'm not sure how much of this is already known but I know I had a hard time to find documentation so I figured I would write an article on what I had to do to get everything working.
First off, the biggest problem after the switch was the automatic reports that I have SolarWinds generate each day. The report would send a PDF that had a 404 error. I noticed that the report was referring to my SolarWinds system by the server name instead of the custom URL. The other issue I saw was the URL in the alerts also referred to the actual server rather than the custom URL. Needless to say, this raised red flags so I'm hoping this article may help someone correct if you too find yourself having the issue.
Changing to Port 443
The change to using port 443 was easy. You follow the same steps as you do with any other IIS based service but that is just the first step. Doing the work on IIS is just the tip of the iceberg. I had to go into the database and point the database to use port 443 as well. The next thing I had to do was go into the SolarWinds Configuration Manager and run the tool on the website. I first ran it with "Skip Bindings" check but it ended with a 404 error so I went back into the Configuration Wizard, unchecked that box, checked "enable https" and ran the wizard successfully. I thought I would be good to go. Yet, that wasn't the case. I noticed the alerts were still showing the URL reference to the actual server rather than the custom URL.
Correcting the URL
To change the URL, I had to log onto my primary server and first stop all the SolarWinds services. I then opened the SolarWinds database manager and went into the Website table. I ran the query and noticed that the "primary" website was set to use the server and the custom URL was set as the additional address. I enabled editing of the table and made the change to use the custom URL as the primary and the server name as the additional and now the alerts are showing the correct URL and my reports are working.
I know this probably all seems basic but it was a bit of a pain in the **** so I wanted to share what I learned. I'm not sure if this belongs in this SRM board but I wasn't sure where else to put it. Hopefully, this helps someone.