Although PROGNOSIS VoIP Monitor does not support HTTPS natively by default, you can enable it via a configuration change. Native HTTPS support is on the roadmap and will be delivered into the product soon.
HTTPS Web Interface Protocol
The default installation of PROGNOSIS VoIP Monitor includes the Apache Tomcat Web server. Java is also required. These components are used to run the PROGNOSIS Web interface, which by default uses the HTTP protocol. However, should the secure HTTPS protocol be required, some additional configuration is necessary.
Running the Web interface over HTTPS
To utilize HTTPS the following steps need to be completed:
Step 1 Generate or purchase a 'Secure Socket Layer' (SSL) certificate for the Web site and place it into the Java Keystore used by Apache Tomcat.
Step 2 Configure the SSL connector in Apache Tomcat.
Step 3 Instruct operators to use the HTTPS URL to access the Web interface (most likely the standard HTTP access will be disabled).
The setup procedures are described in detail below:
Generate or purchase the SSL certificate
The procedure for purchasing a real SSL certificate depends upon the specific provider. However, once purchased, the certificate details need to be imported into the Java Keystore being used by Apache Tomcat. For details about ordering and importing the certificate, see the Sun Keytool utility documentation, which is available on the Sun web site. For example, for version 1.4.2 go to:
java.sun.com/j2se/1.4.2/docs/tooldocs/windows/keytool.html
The following describes a simple procedure to generate security keys in order to test the HTTPS setup. However, this will result in browser certificate warnings.
To generate a key pair, run the keytool.exe utility (located in PROGNOSIS\www\webserver\jre\bin) using the following command lines:
C:\> cd C:\Program Files\PROGNOSIS\www\webserver\jre\bin
C:\Program Files\PROGNOSIS\www\webserver\jre\bin> keytool -genkey -keystore ..\..\tomcat\conf\keystore -alias tomcat -keyalg RSA
The '-keystore' parameter contains the directory path where the Keystore file will be placed. For the purpose of these instructions it is assumed that the Keystore file will be located in the configuration directory of Tomcat (PROGNOSIS\www\webserver\tomcat\conf) and that PROGNOSIS is installed in the default location.
Once the command is run the following questions will be asked:
Enter Keystore Password
What is your first and last name?
What is the name of your organization unit?
What is the name of your organization?
What is the name of your city or locality?
What is the name of your state or province?
What is the two-letter country code of this unit?
Is this correct?
Enter key password for <mykey>
<Return if same as Keystore password>
NOTE: By default, Tomcat expects the password 'changeit' for both the Keystore file and its specific entry in the Keystore. If a different password is used, it will need to be specified again later in the Tomcat configuration. It is important that the same password is used for both the Keystore and the Tomcat entry. When prompted for the first/last name, input the host name instead.
Configure SSL connector in Apache Tomcat
Once the Keystore has been set up correctly, open the 'server.xml' file, which is located in the PROGNOSIS/www/webserver/tomcat/conf folder path, in a plain text editor, such as Notepad. Add one more Connector element between the existing HTTP Connector (default is <Connector port="80" />) and the Engine Name statements. The following shows the text that needs to be inserted:
Make a backup before you modify this file.
<Connector className="org.apache.catalina.connector.http.HttpConnector"
port="8443" minProcessors="5" maxProcessors="75"
enableLookups="true"
acceptCount="10" debug="0" scheme="https" secure="true"
keystore="conf/keystore" keystorePass="changeit">
<Factory className="org.apache.catalina.net.SSLServerSocketFactory"
clientAuth="false" protocol="TLS" />
</Connector>
This instructs Tomcat to listen for SSL connections on port 8443 and assumes that the Keystore file is located in Tomcat's 'conf' folder. If a password other than 'changeit' is used when generating the key, then the keystorePass value will also need to be changed. When finished, restart Tomcat.
Further details are available at the Apache Tomcat site:
jakarta.apache.org/tomcat/tomcat-4.0-doc/ssl-howto.html
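The check below is an added example, not part of the original article or the PROGNOSIS product: a Python script that parses server.xml and reports when the keystore password is still the default 'changeit' or the plain HTTP connector remains enabled. The sample file contents (the article's Connector inside a minimal skeleton) and the names audit_server_xml and _attr are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the article's connector inside a minimal server.xml skeleton.
SAMPLE_SERVER_XML = """<Server>
  <Service name="Tomcat-Standalone">
    <Connector port="80" />
    <Connector className="org.apache.catalina.connector.http.HttpConnector"
               port="8443" minProcessors="5" maxProcessors="75"
               enableLookups="true"
               acceptCount="10" debug="0" scheme="https" secure="true"
               keystore="conf/keystore" keystorePass="changeit">
      <Factory className="org.apache.catalina.net.SSLServerSocketFactory"
               clientAuth="false" protocol="TLS" />
    </Connector>
    <Engine name="Standalone" />
  </Service>
</Server>"""

DEFAULT_PASS = "changeit"  # default keystore password named in the article

def _attr(conn, name):
    # Read from the Connector (as in the article), else from its nested Factory.
    factory = conn.find("Factory")
    if conn.get(name) is None and factory is not None:
        return factory.get(name)
    return conn.get(name)

def audit_server_xml(xml_text):
    """Return a list of findings for the Connector elements in server.xml text."""
    findings = []
    connectors = list(ET.fromstring(xml_text).iter("Connector"))
    https = [c for c in connectors if c.get("scheme") == "https"]
    if not https:
        findings.append("no HTTPS connector defined")
    for conn in https:
        port = conn.get("port")
        if conn.get("secure") != "true":
            findings.append(f"port {port}: secure is not 'true'")
        if not _attr(conn, "keystore"):
            findings.append(f"port {port}: no keystore path set")
        # A missing keystorePass means Tomcat falls back to the default password.
        if _attr(conn, "keystorePass") in (None, DEFAULT_PASS):
            findings.append(f"port {port}: keystore password is the default '{DEFAULT_PASS}'")
    for conn in connectors:
        if conn.get("scheme", "http") != "https":
            findings.append(f"port {conn.get('port')}: plain HTTP connector still enabled")
    return findings
```

Run against the sample, audit_server_xml returns two findings: the default keystore password on port 8443 and the HTTP connector still listening on port 80.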
Use HTTPS URL
Start the Web browser and request <hostname>:8443/prognosis. The browser will warn about a self-signed certificate it cannot verify, but it will be able to establish a connection.