Difference between revisions of "How to Configure a Web Ad Manager Server"

From Dot2DotCommunications
Jump to: navigation, search
(Set up a user account for the Web Host service)
(Configure the Web Ad Manager COM+ application)
 
(26 intermediate revisions by 2 users not shown)
Line 6: Line 6:
  
 
Please note that the Web Ad Manager Server components cannot be installed on a machine that has IIS currently installed on it, as this is incompatible with the server components used.
 
Please note that the Web Ad Manager Server components cannot be installed on a machine that has IIS currently installed on it, as this is incompatible with the server components used.
 
To configure a Web Ad Manager server we need to make sure all of these elements are installed and configured.
 
  
 
== Install Ad Manager ==
 
== Install Ad Manager ==
  
* Install Ad Manager (including any add-ins) as if you're setting up another client workstation.
+
Install Ad Manager (including any add-ins) as if you're setting up another client workstation.
  
 
== Install and configure the Ad Manager Web Host service ==
 
== Install and configure the Ad Manager Web Host service ==
 
The Ad Manager Web Host service provides a process context in which the web application will load Ad Manager's business logic ActiveX components.
 
  
 
=== Set up a Windows user account for the Web Host service ===
 
=== Set up a Windows user account for the Web Host service ===
Line 21: Line 17:
 
The Web Host service needs to run as a Windows user who:
 
The Web Host service needs to run as a Windows user who:
 
* can run Ad Manager if logged on interactively;
 
* can run Ad Manager if logged on interactively;
* belongs to the local machine's '''Administrators''' group.
+
* belongs to the local machine's "Administrators" group.
  
Ideally, you'll designate a user account specifically for the Web Host service. It can be a local machine or a domain account.
+
1. Pick or create a user account; make sure the account belongs to the local "Administrators" group.
  
==== Steps ====
+
2. Log on as that user, run Ad Manager and import the Ad Manager serial number and license into the user profile.
  
* Pick or create a user account.
+
3. Make sure you can access all Ad Manager databases that will be exposed through the web application.
 
+
* Make sure the account belongs to the local '''Administrators''' group.
+
 
+
* Log on as the user, run Ad Manager and import the Ad Manager serial number and license into the user profile.
+
 
+
* If you're using Windows authentication to access the Ad Manager databases in SQL Server, grant the user account access to all database that will be exposed through the web application.
+
  
 
=== Install and register the Web Host service ===
 
=== Install and register the Web Host service ===
  
The Web Host is an out-of-process ActiveX server packaged as a Windows service.
+
1. Run the Ad Manager Web Host installer (<code>Amwh.msi</code>); install for "Everyone".
  
Its installer will place the executable on the drive but it will not register it as a service; you'll need to do that manually.
+
2. Register the service: run cmd.exe as an administrator and execute the following commands:
  
When the service is registered, it will be configured to run as the '''Local System''' account; you'll need to change that manually.
+
<pre>
 +
cd "C:\Program Files (x86)\Dot2Dot\Ad Manager Web Host"
 +
cpwh.exe -service
 +
</pre>
  
There's no need to change the service startup type from '''Manual''' to '''Automatic''' - the service will be started when needed.
+
3. Use the "Services" management console to configure the "Dot2Dot Ad Manager Web Host Service" to log on as the user account you configured earler.
  
==== Steps to Install ====
+
4. Test the configuration by starting and stopping the service.
  
* Run the Ad Manager Web Host installer (<code>Amwh.msi</code>).
+
=== Configure the Web Ad Manager COM+ application ===
  
* Install the program for '''Everyone''', not '''Just me'''.
+
This step is required if you're installing the 64-bit version of WampServer. It will make the required Ad Manager components, which are 32-bit, accessible to the web application.
  
* Register the service: select the '''Register Service''' shortcut in '''Start''' -> '''All Programs''' -> '''Dot2Dot Ad Manager Web Host'''.
+
1. Launch the "Component Services" management console.
  
* Configure the Ad Manager Web Host service to run as the designated user:
+
2. Create a COM+ server application called "Web Ad Manager", running as "Local Service".
** Open the '''Services''' management console;
+
** Right-click on the "Dot2Dot Ad Manager Web Host Service" and select '''Properties''';
+
** Go to the '''Log On''' tab;
+
** Select '''This account''' in the '''Log on as''' options;
+
** Enter the account name in the form <code>domain\user</code> if it's a domain account or <code>.\user</code> if it's a local machine account;
+
** Enter and confirm the password;
+
** Click '''OK'''.
+
  
==== Steps to Remove an Older Version ====
+
3. Import the "Cpwh.DateTime" coponent from the 32-bit registry into the application.
  
* Stop the Apache web service.
+
=== Configure the Web Host database connections ===
  
* Unregister the Web Host service: select the '''Unregister Service''' shortcut in '''Start''' -> '''All Programs''' -> '''Dot2Dot Ad Manager Web Host'''.
+
Select the "Configure" shortcut in "Start : All Programs : Dot2Dot Ad Manager Web Host" and add a connection for each database that will be exposed through the web application.
  
* Uninstall '''Dot2Dot Ad Manager Web Host''' from the '''Programs''' control panel.
+
== Set Up the Web Server ==
 
+
=== Configure the database connections for the Web Host service ===
+
 
+
The web application can expose the data in one or more Ad Manager databases. The Web Host service needs to know how to connect to those databases.
+
 
+
Each database connection is identified by a unique name. When sharing Ad Manager items online, the connection name will be part of the generated URL.
+
If there's only one Ad Manager database you can leave the connection name blank.
+
 
+
==== Steps ====
+
 
+
* Run the Ad Manager Web Host configuration utility: select the '''Configure''' shortcut in '''Start''' -> '''All Programs''' -> '''Dot2Dot Ad Manager Web Host'''.
+
 
+
* Go to the '''Ad Manager Connections''' tab.
+
 
+
* Add an entry for each Ad Manager database that will be accessible through the web application:
+
** click the '''New''' button;
+
** enter a unique name for the connection;
+
** enter the SQL Server name or IP address;
+
** enter the SQL Server database name;
+
** enter the SQL Server user id and password; if those are left blank, the Web Host service will use Windows authentication to connect to SQL Server;
+
** click '''Test...''' to verify the connection;
+
** click '''OK''' to save the connection.
+
 
+
* Click '''Apply''' to save the changes or '''OK''' to save the changes and close the configuration utility.
+
 
+
=== Set up Web Users ===
+
 
+
Access to the web application is controlled through the Ad Manager Web Users and Roles. The Web User defines the login credentials. The Web Role specifies the level of access users belonging to that role will have.
+
 
+
Web Roles are application specific. You don't need to set up Web Users and Roles to use the '''Share Online...''' features of Ad Manager.
+
 
+
==== Steps ====
+
 
+
Follow the instructions to [[Setting_up_Web_access#Web_Role|create web roles based on your version of Ad Manager]].
+
In each Ad Manager database that will be accessible through the web application:
+
* Run Ad Manager and log into that database;
+
* Create a Web User for each user that needs access to this database;
+
* Add the Web Users to the appropriate Web Role.
+
 
+
== Install and configure the Apache HTTP Server and the PHP preprocessor ==
+
 
+
The web application requires an [http://httpd.apache.org/ Apache HTTP Server] (2.4.x or later) with a [http://www.php.net/ PHP preprocessor] (5.4.x or later).
+
 
+
Although it's possible to download and install Apache and PHP individually, we use a distribution called [http://www.wampserver.com/en/ WampServer]
+
which bundles Apache and PHP (plus MySQL, which is not required by Ad Manager) along with some convenient configuration and administration tools.
+
  
 
=== Install WampServer ===
 
=== Install WampServer ===
  
==== Steps ====
+
Follow the instructions at the [http://www.wampserver.com/en/ WampServer download page]. The latest Microsoft Visual C++ Redistributable components are a pre-requisite.
 
+
* Go to the [http://www.wampserver.com/en/ WampServer download page].
+
 
+
* Locate the following download: WAMPSERVER (32 BITS & PHP 5.4) 2.4. '''''Note:''' the 64-bit version doesn't seem to include the COM/.NET extension for PHP.''
+
 
+
* Click the download button; you'll get a message which contains the following:
+
** a link to the WampServer download;
+
** a warning that WampServer requires the Microsoft Visual C++ 2010 SP1 Redistributable Package;
+
** links to the 32-bit and the 64-bit installers of that package.
+
 
+
* Open the WampServer download link in a new tab and let the browser download the WampServer installer. (''Warning'': it's a SourceForge download - tread carefully).
+
 
+
* Open the appropriate Visual C++ link and download the installer. Alternatively, you can use these links:
+
** [http://www.microsoft.com/en-ca/download/details.aspx?id=8328 Microsoft Visual C++ 2010 SP1 Redistributable Package (x86)]
+
** [http://www.microsoft.com/en-us/download/details.aspx?id=13523 Microsoft Visual C++ 2010 SP1 Redistributable Package (x64)]
+
 
+
* Run the Microsoft Visual C++ 2010 SP1 Redistributable Package installer.
+
 
+
* Run the WampServer installer. The default installation folder is <code>C:\wamp</code>; you can change that, but don't bury it too deep so the web application file paths don't get too long.
+
 
+
* Run WampServer. A green '''W''' icon should appear in the taskbar notification area ("tray").
+
 
+
=== Configure Apache ===
+
 
+
==== Steps ====
+
 
+
* Verify that port 80 is not used by another service:
+
:* Click the WampServer tray icon and select '''Apache''' -> '''Service''' -> '''Test Port 80''';
+
:* You should see the following message (in a command prompt window):
+
 
+
Your port 80 is actually used by :
+
Server: Apache/2.4.4 (Win32) PHP/5.4.16
+
Press Enter to exit...
+
 
+
:* If port 80 is used by another service you'll have to resolve the conflict.
+
 
+
* Edit the Apache configuration file (<code>httpd.conf</code>)
+
:* Open the file:  click the WampServer tray icon and select '''Apache''' -> '''httpd.conf''';
+
 
+
:* Enable the Apache "rewrite" module:
+
::* Locate and uncomment (remove the <code>#</code> symbol in front of it) the following line:
+
  
LoadModule rewrite_module modules/mod_rewrite.so
+
=== Allow incoming connections to the web server port ===
  
:* Prevent the access to the server's file system:
+
Use the "Windows Firewall with Advanced Security" management console to allow the incoming connections.
::* Locate the <code><Directory /></code> block.
+
::* Edit it so that it contains the following directives:
+
  
<Directory />
+
=== Select the appropriate PHP version ===
    AllowOverride None
+
    Require all denied
+
</Directory>
+
  
:* Limit the access to the Apache document root directory:
+
The highest PHP version the Ad Manager web applications are compatible with is 7.3.x.
::* Locate the <code><Directory></code> block for the document root directory (e.g. <code><Directory "C:/wamp/www"></code>).
+
::* Edit it so that it contains the following directives:
+
  
<Directory "C:/wamp/www">
+
=== Tweak the PHP configuration ===
    Options FollowSymLinks
+
    AllowOverride None
+
    Require all denied
+
    Require ip 127.0.0.1
+
+
#    onlineoffline tag - don't remove
+
</Directory>
+
  
:* Allow access to the Ad Manager web application directory:
+
Edit the "php.ini" file.
::* Decide on the name of the directory; it will be a sub-directory of the Apache document root directory (<code>www</code>); its name becomes part of the URL of the web application; for instance, if you name it <code>ad-manager</code>, then the application URL will be <code><nowiki>http://host/ad-manager/</nowiki></code> (where <code>host</code> is the web server's DNS name or IP address).
+
::* Add the following <code><Directory></code> block (where <code>C:/wamp/www/ad-manager</code> is the absolute path to the Ad Manager web application directory):
+
  
<Directory "C:/wamp/www/ad-manager">
+
1. Disable the script execution timeout:
    Options FollowSymLinks
+
    AllowOverride All
+
    Require all granted
+
</Directory>
+
  
:* Configure the access log format to include the time it took to process a request.
+
<pre>
::* Find each line that looks like this:
+
max_execution_time = 0
 +
</pre>
  
LogFormat "%h %l %u %t \"%r\" %>s %b" common
+
2. Remove the memory limit:
  
::* Append the <code>%T</code> format directive to it:
+
<pre>
 +
memory_limit = -1
 +
</pre>
  
LogFormat "%h %l %u %t \"%r\" %>s %b %T" common
+
=== Create the Ad Manager web applications ===
  
:* Save the file
+
Extract the web application archives into sub-directories of the Apache document root directory (usually C:\wamp64\www<code></code>). Your directory structure should look like this:
:* Restart the Apache service: click the WampServer tray icon and select '''Apache''' -> '''Service''' -> '''Restart Service''';
+
  
* Configure the Apache service to start automatically:
+
<pre>
:* Open the '''Services''' management console;
+
C:\wamp64\www
:* Right-click on the "wampapache" service and select '''Properties''';
+
- wam
:* In the '''General''' tab set the '''Startup type''' to '''Automatic''';
+
  + api
:* Click '''OK'''.
+
  + fonts
 +
  + img
 +
  + js
 +
    app.xml
 +
    index.html
 +
- wam-pub
 +
  + api
 +
  + fonts
 +
  + img
 +
  + js
 +
    app.xml
 +
    index.html
 +
</pre>
  
=== Configure PHP ===
+
Edit the "httpd-vhosts.conf" file to enable remote access to the new directories.
  
==== Steps ====
+
<pre>
 +
# Virtual Hosts
 +
#
 +
<VirtualHost *:80>
 +
  ServerName localhost
 +
  ServerAlias localhost
 +
  DocumentRoot "${INSTALL_DIR}/www"
 +
  <Directory "${INSTALL_DIR}/www/">
 +
    Options +Indexes +Includes +FollowSymLinks +MultiViews
 +
    AllowOverride All
 +
    Require local
 +
  </Directory>
 +
  <Directory "${INSTALL_DIR}/www/wam">
 +
    Options +Indexes +Includes +FollowSymLinks +MultiViews
 +
    AllowOverride All
 +
    Require all granted
 +
  </Directory>
 +
  <Directory "${INSTALL_DIR}/www/wam-pub">
 +
    Options +Indexes +Includes +FollowSymLinks +MultiViews
 +
    AllowOverride All
 +
    Require all granted
 +
  </Directory>
 +
</VirtualHost>
 +
</pre>
  
* Open the <code>php.ini</code> file: click the WampServer tray icon and select '''PHP''' -> '''php.ini'''
+
=== Schedule a nightly restart of the services ===
  
* Enable the COM/.NET extension
+
Create a batch file to stop, force the termination of, and restart the Wampapache and Ad Manager Web Host services:
:* Search the file for the following section and if you don't find it, add it to the bottom of the file:
+
  
[COM_DOT_NET]
+
<pre>
extension=php_com_dotnet.dll
+
@echo off
 +
net stop wampapache
 +
taskkill /f /im httpd.exe
 +
net stop cpwh
 +
taskkill /f /im cpwh.exe
 +
net start wampapache
 +
</pre>
  
* Disable the PHP script execution timeout
+
Note: the Ad Manager Web Host service starts on demand and doesn't need to be started explicitly.
:* Search the file for the following section:
+
  
max_execution_time =
+
Use the task scheduler to set up a task to execute the batch file nightly:
 +
* Run whether user is logged on or not;
 +
* Run with highest privileges.
  
:* change it to:
+
== Configure the Ad Manager web features ==
  
max_execution_time = 0
+
1. Edit the online sharing options: "Tools : Options : Online Sharing".
  
* Increase the amount of memory a script may consume
+
2. Import the web application roles: "Tools : Import Web App : From URL...".
:* search the file for the following section:
+
  
memory_limit =
+
3. Create Web Users.
  
:* increase the limit:
+
== Configure SSL/TLS ==
  
memory_limit = 256M
+
=== Purchase an SSL certificate ===
  
* If you made changes, save them and restart the Apache service.
+
1. Create a server key and a certificate signing request (CSR).
  
=== Configure Windows Firewall ===
+
E.g. using OpenSSL:
  
Enable inbound connections to TCP port 80.
+
<pre>
 +
openssl genrsa -out host.example.com.key 2048
 +
openssl req -new -key host.example.com.key -out host.example.com.csr
 +
</pre>
  
=== Configure HTTPS ===
+
2. Use the CSR to purchase an SSL certificate from a certificate issuing authority, e.g. [https://www.digicert.com/ Digicert], [https://godaddy.com GoDaddy], etc.
  
To prevent eavesdropping attacks, we recommend that you configure the Apache web server for [http://en.wikipedia.org/wiki/HTTP_Secure HTTPS]. See [[How to Configure Apache for HTTPS]].
+
To create a self-signed certificate using OpenSSL:
  
== Install and configure the Ad Manager web application ==
+
<pre>
 +
openssl x509 -req -in host.example.com.csr -signkey host.example.com.key  -days 365 -out host.example.com.crt
 +
</pre>
  
=== Copy the web application into the Apache root directory ===  
+
=== Configure Apache for SSL ===
  
The Ad Manager web application consists of a set of HTML, PHP, Javascript and other files.
+
1. Copy the server key and the SSL certificates to a subdirectory of your Apache installation, e.g. C:\wamp64\ssl:
Deploying it is as simple as placing those files in a sub-directory of the Apache root directory ("www").
+
The name of that directory becomes part of the URL of the web application.
+
For instance, if you name the directory <code>ad-manager</code>, then the application URL will be
+
<code><nowiki>http://host/ad-manager/</nowiki></code> (where <code>host</code> is the web server's DNS name or IP address).
+
  
==== Steps ====
+
<pre>
 +
C:\wamp64\ssl
 +
  host.example.com.chain.crt
 +
  host.example.com.crt
 +
  host.example.com.key
 +
</pre>
  
* Open the Apache document root directory: click the WampServer tray icon and select '''www directory'''.
+
Here "host.example.com.key" is the server key (in PEM format), "host.example.com.crt" is the SSL certificate you purchased (in PEM format), and "host.example.com.chain.crt" is the intermediate (or chain) certificate of the certificate issuing authority (in PEM format).
  
* Create a sub-directory of the Apache document root directory with the name you selected earlier.
+
2. Edit the "httpd.conf" file:
  
* Extract the contents of the <code>ad-manager.zip</code> file into the newly created directory. Your directory structure should look like this:
+
Edit the port Apache will listen to:
- www
+
  - ad-manager
+
    + api
+
    + fonts
+
    + img
+
    + js
+
      ...
+
      index.html
+
  
== Troubleshooting ==
+
<pre>
 +
Listen 0.0.0.0:443
 +
Listen [::0]:443
 +
</pre>
  
=== Apache "Asynchronous AcceptEx failed" error ===
+
Uncomment the line that loads the SSL module:
  
==== Symptoms ====
+
<pre>
 +
LoadModule ssl_module modules/mod_ssl.so
 +
</pre>
  
The Apache error log file contains large numbers of error messages like this one:
+
3. Edit the "httpd-vhosts.conf" file:
  
[Thu Jan 28 10:06:35.918123 2016] [mpm_winnt:warn] [pid 3808:tid 2060] (OS 64)The specified network name is no longer available.  : AH00341: winnt_accept: Asynchronous AcceptEx failed.
+
Specify the port of the virtual host, update the server name if necessary, and add the SSL directives.
  
==== Cause ====
+
<pre>
 +
<VirtualHost *:443>
 +
  ServerName host.example.com
 +
  SSLEngine on
 +
  SSLCertificateFile "${INSTALL_DIR}/ssl/host.example.com.crt"
 +
  SSLCertificateKeyFile "${INSTALL_DIR}/ssl/host.example.com.key"
 +
  SSLCertificateChainFile "${INSTALL_DIR}/ssl/host.example.com.chain.crt"
 +
  ...
 +
</VirtualHost>
 +
</pre>
  
Certain OS specific optimizations for a listening socket by protocol type are enabled by default in the Windows build of Apache. Those optimizations are controlled by the [http://httpd.apache.org/docs/current/mod/core.html AcceptFilter directive]. In certain server configurations (network driver versions, virtual networking, antivirus software) those optimizations need to be disabled.
+
Note: the name specified in the ServerName directive must match the name in the certificate.
  
==== Solution ====
+
4. Restart the Apache service.
  
Edit the Apache configuration file (<code>httpd.conf</code>) and make sure that it contains, somewhere above the <code># Supplemental configuration</code> line, the following directive:
+
5. Ensure the firewall is not blocking incoming traffic to the port Apache is listening to.
  
AcceptFilter http none
+
See also: [https://httpd.apache.org/docs/2.4/ssl/ssl_howto.html SSL/TLS Strong Encryption: How-To].

Latest revision as of 13:27, 27 January 2023

Web Ad Manager consists of the following parts:

  • the Ad Manager desktop application components: these include the ActiveX components which expose the Ad Manager data and business logic to the web application;
  • the Ad Manager Web Host service: it provides the context in which the web application loads the Ad Manager ActiveX components;
  • the Apache HTTP Server with a PHP preprocessor: it makes the web application accessible on the Internet;
  • the web application files: the HTML, CSS, Javascript, PHP and other files which make up the web application.

Please note that the Web Ad Manager Server components cannot be installed on a machine that has IIS currently installed on it, as this is incompatible with the server components used.

Contents

Install Ad Manager

Install Ad Manager (including any add-ins) as if you're setting up another client workstation.

Install and configure the Ad Manager Web Host service

Set up a Windows user account for the Web Host service

The Web Host service needs to run as a Windows user who:

  • can run Ad Manager if logged on interactively;
  • belongs to the local machine's "Administrators" group.

1. Pick or create a user account; make sure the account belongs to the local "Administrators" group.

2. Log on as that user, run Ad Manager and import the Ad Manager serial number and license into the user profile.

3. Make sure you can access all Ad Manager databases that will be exposed through the web application.

Install and register the Web Host service

1. Run the Ad Manager Web Host installer (Amwh.msi); install for "Everyone".

2. Register the service: run cmd.exe as an administrator and execute the following commands:

cd "C:\Program Files (x86)\Dot2Dot\Ad Manager Web Host"
cpwh.exe -service

3. Use the "Services" management console to configure the "Dot2Dot Ad Manager Web Host Service" to log on as the user account you configured earler.

4. Test the configuration by starting and stopping the service.

Configure the Web Ad Manager COM+ application

This step is required if you're installing the 64-bit version of WampServer. It will make the required Ad Manager components, which are 32-bit, accessible to the web application.

1. Launch the "Component Services" management console.

2. Create a COM+ server application called "Web Ad Manager", running as "Local Service".

3. Import the "Cpwh.DateTime" coponent from the 32-bit registry into the application.

Configure the Web Host database connections

Select the "Configure" shortcut in "Start : All Programs : Dot2Dot Ad Manager Web Host" and add a connection for each database that will be exposed through the web application.

Set Up the Web Server

Install WampServer

Follow the instructions at the WampServer download page. The latest Microsoft Visual C++ Redistributable components are a pre-requisite.

Allow incoming connections to the web server port

Use the "Windows Firewall with Advanced Security" management console to allow the incoming connections.

Select the appropriate PHP version

The highest PHP version the Ad Manager web applications are compatible with is 7.3.x.

Tweak the PHP configuration

Edit the "php.ini" file.

1. Disable the script execution timeout:

max_execution_time = 0

2. Remove the memory limit:

memory_limit = -1

Create the Ad Manager web applications

Extract the web application archives into sub-directories of the Apache document root directory (usually C:\wamp64\www). Your directory structure should look like this:

C:\wamp64\www
- wam
  + api
  + fonts
  + img
  + js
    app.xml
    index.html
- wam-pub
  + api
  + fonts
  + img
  + js
    app.xml
    index.html

Edit the "httpd-vhosts.conf" file to enable remote access to the new directories.

# Virtual Hosts
#
<VirtualHost *:80>
  ServerName localhost
  ServerAlias localhost
  DocumentRoot "${INSTALL_DIR}/www"
  <Directory "${INSTALL_DIR}/www/">
    Options +Indexes +Includes +FollowSymLinks +MultiViews
    AllowOverride All
    Require local
  </Directory>
  <Directory "${INSTALL_DIR}/www/wam">
    Options +Indexes +Includes +FollowSymLinks +MultiViews
    AllowOverride All
    Require all granted
  </Directory>
  <Directory "${INSTALL_DIR}/www/wam-pub">
    Options +Indexes +Includes +FollowSymLinks +MultiViews
    AllowOverride All
    Require all granted
  </Directory>
</VirtualHost>

Schedule a nightly restart of the services

Create a batch file to stop, force the termination of, and restart the Wampapache and Ad Manager Web Host services:

@echo off
net stop wampapache
taskkill /f /im httpd.exe
net stop cpwh
taskkill /f /im cpwh.exe
net start wampapache

Note: the Ad Manager Web Host service starts on demand and doesn't need to be started explicitly.

Use the task scheduler to set up a task to execute the batch file nightly:

  • Run whether user is logged on or not;
  • Run with highest privileges.

Configure the Ad Manager web features

1. Edit the online sharing options: "Tools : Options : Online Sharing".

2. Import the web application roles: "Tools : Import Web App : From URL...".

3. Create Web Users.

Configure SSL/TLS

Purchase an SSL certificate

1. Create a server key and a certificate signing request (CSR).

E.g. using OpenSSL:

openssl genrsa -out host.example.com.key 2048
openssl req -new -key host.example.com.key -out host.example.com.csr

2. Use the CSR to purchase an SSL certificate from a certificate issuing authority, e.g. Digicert, GoDaddy, etc.

To create a self-signed certificate using OpenSSL:

openssl x509 -req -in host.example.com.csr -signkey host.example.com.key  -days 365 -out host.example.com.crt

Configure Apache for SSL

1. Copy the server key and the SSL certificates to a subdirectory of your Apache installation, e.g. C:\wamp64\ssl:

C:\wamp64\ssl
  host.example.com.chain.crt
  host.example.com.crt
  host.example.com.key

Here "host.example.com.key" is the server key (in PEM format), "host.example.com.crt" is the SSL certificate you purchased (in PEM format), and "host.example.com.chain.crt" is the intermediate (or chain) certificate of the certificate issuing authority (in PEM format).

2. Edit the "httpd.conf" file:

Edit the port Apache will listen to:

Listen 0.0.0.0:443
Listen [::0]:443

Uncomment the line that loads the SSL module:

LoadModule ssl_module modules/mod_ssl.so

3. Edit the "httpd-vhosts.conf" file:

Specify the port of the virtual host, update the server name if necessary, and add the SSL directives.

<VirtualHost *:443>
  ServerName host.example.com
  SSLEngine on
  SSLCertificateFile "${INSTALL_DIR}/ssl/host.example.com.crt"
  SSLCertificateKeyFile "${INSTALL_DIR}/ssl/host.example.com.key"
  SSLCertificateChainFile "${INSTALL_DIR}/ssl/host.example.com.chain.crt"
  ...
</VirtualHost>

Note: the name specified in the ServerName directive must match the name in the certificate.

4. Restart the Apache service.

5. Ensure the firewall is not blocking incoming traffic to the port Apache is listening to.

See also: SSL/TLS Strong Encryption: How-To.