Changing the Passwordstate URL

[support]

To change to Passwordstate URL, there are a few things that are required to be completed:

 

1.       Ensure you have a functioning DNS entry for the new URL as per below screenshot:

 

 

2.       On your Web server, modify the bindings in IIS like screenshot below to match the URL you set in DNS.  Using port 443 means you don't have to append the port number to the end of your URL, which makes for an easier URL to remember"

 

 

 

3.       If you are using the Self-Signed Certificate that Passwordstate installs, you will need to create a new one with Powershell, using the below instructions. 

 

If you would prefer to set up a internal Certificate Authority, and generate a more secure certificate to use on your Passwordstate website, please see this forum post:  https://www.clickstudios.com.au/community/index.php?/topic/2934-how-to-set-up-a-internal-certificate-authority/.  This forum post describes how to generate a certificate from an internal Certificate Authority: https://www.clickstudios.com.au/community/index.php?/topic/1952-generate-a-new-certificate-from-active-directory-certificate-authority/  

 

 

 

 

Creating a new Self Signed Certificate:

         1. On your web server, open Powershell ISE "As Administrator"

         2. Ensure Powershell is at least version 4.0, but 5.0 is preferred.  Type $host into console and run the script to see what version you are running.  If you have to upgrade please use this link: https://www.microsoft.com/en-us/download/details.aspx?id=50395

         3. Copy the following code into your Powershell ISE console, and change the URL in the second line to be your new URL - run the script and it will create a new certificate for you.

 

# Begin script
$URL = "sandbox.halox.net"

$PowershellVersion = $host.version.Major
 
 # Create the SSL Certificate, using different commands depending on which version of Powershell is installed.  Preferably Powershell 5, as this allows us to set a longer expiry date on the certificate
    if ($PowershellVersion -eq '4')
    {
        $cert = New-SelfSignedCertificate -DnsName $URL -CertStoreLocation Cert:\LocalMachine\My    
    }
    if ($PowershellVersion -eq '5')
    {
        $StartDate = '01/01/' + (Get-Date).Year
        $EndDate = '01/01/' + (Get-Date).AddYears(5).Year
        $cert = New-SelfSignedCertificate -DnsName $URL -CertStoreLocation Cert:\LocalMachine\My -FriendlyName $URL -NotBefore $StartDate -NotAfter $EndDate
    }
        
    $rootStore = New-Object System.Security.Cryptography.X509Certificates.X509Store -ArgumentList Root, LocalMachine
    $rootStore.Open("MaxAllowed")
    $rootStore.Add($cert)
    $rootStore.Close()

 

 

4.      Now in IIS, go to the bindings for the site, double-click on the https binding, and select the new certificate you just created from the drop-down list

 

5.      Back in Passwordstate, go to the screen Administration -> System Settings -> Miscellaneous tab, and update the "Specify the Base URL used in any emails generated by Passwordstate" field you see here with the new URL so all the links in the emails sent out are accurate, and various other functionality works as well.

 

 

 

Regards,

Support