SSL Certificate

To secure communication with Web Port, SSL (Secure Socket Layer) is used. This ensures that all traffic between clients and the server is encrypted. To make this work, an SSL certificate must be installed.

The correct method depends on your specific situation. The table below outlines common scenarios and the recommended approach for each.

 

Common Scenarios and Recommended Methods

Scenario:	Recommended Method:
You already have a valid certificate from an external provider (e.g. IT department)	Go to Import an Existing Certificate
You want to use a trusted certificate issued by a Certificate Authority (CA) but don’t have one yet	Go to Generate a CSR and Submit to a CA
You want a quick setup and don’t require a trusted certificate	Go to Create a Self-Signed Certificate in Web Port
You want to require client certificate authentication (Optional)	Go to Enable Client Certificates

 

The following information is entered to generate a certificate, or CSR under "System Settings" > "Server" > "SSL Certificate"

Information:	Description:
Common name (CN)	The IP address or domain name the certificate will be issued to (MANDATORY)
Organisation	Organisation name, for example, company name
Department	Any department within the company
City	City where the company operates
Region / State	Region in the country where the company operates
Country	Country where the company where the company operates
Alternative names	Used if several domain names or IP addresses are to be protected
Key Type	Number of bit encryption in the key
Password	Password for the certificate (.p12 file)
Self-Signed	Marked if a self-signed certificate is to be generated
CSR-file	Click to download the generated Certificate Signing Request (CSR) file for submission to a Certificate Authority (CA).
Private Key	Click to download the private key generated during CSR creation.
Domain Certificate	Field to paste the domain certificate received from the CA.
CA Intermediate Certificate	Field to paste the intermediate certificate from the CA.
CA Root Certificate	Field to paste the root certificate from the CA.
Use Client Certificate	Enable this to require clients to present a certificate when connecting.
Force Certificate Login	When enabled, only users with valid client certificates can log in.
Trusted Issuer	Name of the Certificate Authority (CA) that issued client certificates you want to trust.

 

Import an Existing Certificate

This is the most common use case: you already have a valid certificate (e.g. provided by your IT team or a third-party CA) and want to use it in Web Port.

Steps:

1. Go to System Settings → Server → SSL Certificate

2. In the field Common Name (CN), enter the exact domain name or IP address that matches the certificate installed in Windows (e.g. webport.company.com or 192.168.1.100)

3. Make sure the checkbox "Self-Signed" is NOT checked

4. Click Save

5. Stop the Web Port server

6. If the certificate is not yet installed on the server:

   • Double-click the certificate file (.cer, .pfx, or similar)

   • Follow the installation wizard

   • Select Local Machine as the target store (not Current User)

   • Ensure the certificate is placed under Trusted Root Certification Authorities

7. Start the Web Port server

8. Access Web Port in your browser using https:// and verify the secure connection

9. If needed, check the certificate details in System Settings → Server → SSL Certificate

 

 

Generate a CSR and Submit to a CA

If you need a trusted certificate but don’t have one yet, you can generate a Certificate Signing Request (CSR) directly from Web Port and submit it to your Certificate Authority (CA). Once the CA issues your certificate, you can import the signed certificate files back into Web Port to complete the setup.

Steps:

1. Go to System Settings → Server → SSL Certificate.

2. Fill in the certificate information fields, especially the Common Name (CN) — this must match the IP address or domain name (e.g., 192.168.1.100 or webport.company.com).
   Also set a Password — this will later be required when installing the final certificate file (webport.p12). Other fields are optional.

3. Make sure the checkbox "Self-Signed" is NOT checked.

4. Click Save.

5. Click Create CSR to generate the Certificate Signing Request.

6. Wait for the confirmation popup indicating the CSR has been created. The “Pending Certificate” section will then appear in the side menu

7. Download and save the CSR file. This is the file you submit to your chosen Certificate Authority (CA).

8. Download and save the Private Key securely — this key is needed to install the certificate later and should be kept private.

9. Submit the CSR file to your chosen Certificate Authority following their instructions.

10. When you receive the signed certificates from the CA, copy and paste their contents into the respective fields in Web Port. See the info box below for details.

    • Domain Certificate

    • CA Intermediate Certificate

    • CA Root Certificate

11. Click Save.

12. Click Create Cert to generate the final certificate file (webport.p12) for Web Port.

13. Wait for a popup message indicating that the certificate has been generated – this may take a few minutes

14. Stop the Web Port server.

15. Go to Web Port’s data directory and locate the webport.p12 file.

16. Double-click webport.p12 and follow the Windows installation instructions:

    • Make sure to install the certificate for the Local Machine (not Current User).

    • Enter the password you specified when generating the certificate.

17. Make sure the certificate is placed under Trusted Root Certification Authorities in Windows

18. Start the Web Port server.

19. Access Web Port in your browser using https:// and verify the secure connection

20. If needed check the certificate details in System Settings → Server → SSL Certificate.

 

 

 

Create a Self-Signed Certificate in Web Port

A self-signed certificate is created and signed by the Web Port server itself rather than a trusted Certificate Authority (CA). This means the certificate is not inherently trusted by browsers or external systems, which may result in security warnings unless the certificate is manually installed and trusted on client devices. Use of self-signed certificates is suitable when external trust is not required or when managing trust internally.

Steps:

1. Go to System Settings → Server → SSL Certificate.

2. Fill in the certificate information fields, especially the Common Name (CN) — this must match the IP address or domain name of your Web Port server.
   Also set a Password — this will later be required when installing the final certificate file (webport.p12).

3. Make sure the checkbox Self-Signed is checked.

4. Click Save.

5. Click Create Cert to generate the self-signed certificate.

6. Wait for a popup message indicating that the certificate has been generated — this may take a few minutes.

7. Stop the Web Port server.

8. Go to Web Port’s data directory and locate the webport.p12 file.

9. Double-click webport.p12 and follow the Windows installation instructions:

   • Make sure to install the certificate for the Local Machine (not Current User).

   • Enter the password you specified when generating the certificate.

10. Start the Web Port server.

11. Access Web Port in your browser using https:// and verify the secure connection

12. If needed check the certificate details in System Settings → Server → SSL Certificate.

 

 

Enable Client Certificates (Optional)

Client certificates add an additional layer of security. With this enabled, only users or devices with a valid client certificate can log in to Web Port.

When should you use client certificates?

• When dealing with sensitive data

• When strict access control is required

• When you already have infrastructure for managing user certificates (e.g. an internal CA)

How to enable:

1. Go to System Settings → Server → SSL Certificate

2. Check Use client certificate

3. (Optional) Check Force certificate login to require client certificates for all logins

4. Specify the Trusted Issuer (CA)

 

 

Remove or Disable a Certificate

Remove an active certificate from Web Port

1. Go to System Settings → Server → SSL Certificate

2. Click Remove Cert

3. Restart Web Port Server

Remove from Windows

1. Open the Certificate Manager (certmgr.msc)

2. Search for certificates named "WebPort"

3. Right-click and delete them

Temporarily disable SSL

1. Rename the file webport.p12 (e.g. webport.p12.bak)

2. Restart Web Port Server

3. Access Web Port using http:// instead of https://

 

 

 

Troubleshooting & Common Issues

Issue:	Possible Cause:	Fix:
Web Port doesn’t start	Wrong port configured	Open webport.conf and set "ServerPort" to 443
Browser warns about security	Self-signed certificate not trusted	Install certificate as trusted on the client device
Login is denied	Missing or invalid client certificate	Ensure valid certificate and correct CA are used
Wrong certificate scope	Installed for wrong user	Reinstall for Local Machine, not Current User

Change SSL Port in Configuration

If Web Port fails to start after configuring SSL, the port may be incorrectly set.

1. Open the file: C:\ProgramData\WebPort\webport.conf

2. Edit using a text editor

3. Make sure this section is correctly configured:

"default": {
  "ServerPort": 443
}

4. Save and restart Web Port