By default IriusRisk is deployed with a basic HTTP endpoint, but we highly encourage our customers to set an HTTPS protocol for production environments.
Once you install IriusRisk through the AWS Marketplace you will already have an Application Load Balancer component called IriusRisk-ALB required to configure the HTTPS endpoint. In a new installation this load balancer will have one HTTP listener in the port 80 forwarding client requests to IriusRisk-WebServer instance through the dedicated target group called IriusRisk-ALBTargetGroup.
In order to set up an HTTPS endpoint you need to follow the official AWS guide to add an HTTPS listener to the IriusRisk-ALB load balancer.
Some recommendations for a typical workflow:
- Create an HTTPS listener on the port 443. Add default action to forward to IriusRisk-ALBTargetGroup. Use the default certificate policy and indicate your SSL certificate.
- Modify an existing HTTP listener on the port 80. You need to redirect it to the HTTPS port 443.
- Create a CNAME record in your DNS system to map your chosen name for IriusRisk to IriusRisk-ALB load balancer DNS name.
Finally, remember to setup your new external URL in IriusRisk, so you can receive proper password reset emails.