1. Home
  2. Quick-Start
  3. Installation and Requirements
  4. SSL Certificates for the On-Premises API

SSL Certificates for the On-Premises API

The LabStats API is available for on premise customers. The API requires https. If your server is already publicly available, you may already have an ssl certificate set up, so you can proceed with the installation and use the existing certificate. If not, there are a few options available.

Certificate Options

  1. Migrating to registered domain names – You can use a registered domain name with a DNS entry to point it to the IP of the non-public box.
  2. Setting up and running your own enterprise CA – You would need to set up and maintain your own Certification Authority. This would require pushing out that CA to all the boxes that might use it (this can be done via group policy).
  3. Using self-signed SSL Certificates – This is the easiest to set up, however you will get a warning and have to ignore it to proceed anyway.  This teaches users to ignore important browser warnings, which can pose a security risk.
  4. Obtaining SSL Certificates under non-public roots from your trusted CA provider – this is a good option if you want to continue using unqualified names, but don’t want to run your own CA or rely on self-signed certificates.
    • This guide will proceed with this option using a GlobalSign Intranet SSL Certificate as our example.

Requesting a Certificate From Your CA

To get started, you will need to open up IIS Manager on the server where the LabStats API will be hosted. Click on the server name >> under IIS, double-click on ‘Server Certificates’. On the right hand side, click on ‘Create Certificate Request’.

After entering some organization information, this will generate a CSR (Certificate Signing Request). You will need this in order to request your Intranet SSL Cert.

To order an Intranet SSL certificate from your Certificate Authority (CA) of choice, you will need to have created an account with them and given them an opportunity to vet your public domain. This vetting is used as a basis for generating your Intranet SSL Certificate. Once they have vetted your account, you will be ready to acquire the certificate. Paste your CSR into the Certificate Application. When you copy the CSR make sure to include the “—–Begin New Certificate Request—–” and the “—–End New Certificate Request—–” sections, along with everything in between.

When selecting the certificate type, select IntranetSSL. If this option is not available, you may need to contact your CA to make the option available for your account. Select the ‘Internal Server Name’ option.

Once you have requested the certificate, your request will be vetted and you will be notified when your certificate is available for download and use. It may include a private key, which you would have selected during the purchase process.

Importing the Certificate

Prior to installing your certificate, you will need to import an intermediate certificate which you will be able to download from your CA.

After importing the intermediate certificate and downloading your purchased Intranet SSL Certificate, double-click on the certificate and you will see the import wizard.

Complete the Certificate Import Wizard and then you will be ready to proceed with the installation of the LabStats API.

Installing the LabStats Server

Download and run the LabStats server installer. On the IIS Settings page, you can keep the default ports, or you can change them to better suit your needs.

If you have selected to install the LabStats API, you will then be taken to a Configure SSL page. Here you will select the System Store (by default most certificates are installed in the personal store, which is identified as ‘MY’. This is the default System Store included in the setup).

Next you need to add the thumbprint of your certificate. If you have used the certificate before, or if you are using a self-signed certificate, you can open IIS Manager and click on the server name >> under ‘IIS’, double-click on ‘Server Certificates’ on the right hand side. You will see your certificates listed there.

Double-click on your certificate. Under the Details tab, scroll down to ‘Properties Only’ and click on the Thumbprint. (You can also scroll directly to the Thumbprint). Copy the thumbprint and paste it into the LabStats Server installer dialog.

If you have not used your newly imported certificate before, it may not show up in IIS manager. In this case, you can click on the Windows icon, type “run” and hit enter. In the Run box, type “mmc” and hit enter. This will open the management console.

Under Certificates (Local Computer), expand Personal and click on Certificates. You should see your imported certificate there.

Double-click on the certificate and follow the steps above to obtain the thumbprint.

Once the LabStats API has been installed, login to the LabStats Portal and navigate to ‘External Systems’ >> API Management.

You will have the ability to create keys and see your LabStats API url. If you click on the url, it will open up the API sandbox which will allow you to test your keys and see which API calls are available.

You can also edit your API url. Keep in mind that this only changes what is listed in the LabStats Portal, and that to change the actual url or ports, you will need to do so through IIS.

Updated on July 21, 2022

Was this article helpful?

Need Support?
Can’t find the answer you’re looking for? Don’t worry; we’re here to help!
Contact Support