4.10 Setting up SSL/TLS

For production systems, you are strongly recommended to set up SSL/TLS on all MyID websites and web services. See the Configuring SSL/TLS (HTTPS) section in the Securing Websites and Web Services document.

4.10.1 SSL/TLS for the MyID Operator Client

Important: The web services used by the MyID Operator Client (rest.core and web.oath2) require SSL/TLS; if you do not connect through HTTPS, you cannot use the MyID Operator Client. For information on setting this up, see the Configuring SSL/TLS (HTTPS) section in the Securing Websites and Web Services document.

When you run the MyID installation program, you must specify the MyID Server URL. This must match the URL of the server as accessed by client PCs using the MyID Operator Client, which must in turn match the server name used in the SSL/TLS certificate. The default value provided by the installation program is the fully-qualified domain name of your server, but this may not match the URL used by your clients; for example, you may use a domain name such as myid.example.com that is mapped to the web server rather than an internal address.