Install Sana Add-on in AX Environment

Open 'Install Sana Commerce on AX Environment' wizard, choose you AX version and service to see more information.

Setup Web Service to Use SSL

Secure Sockets Layer (SSL) is a cryptographic protocol that helps provide security and data integrity for data communications over a network. By encrypting your Microsoft Dynamics AX Web service using SSL, you make your data and the network more secure and more reliable.

It is required to secure data transfer between the Sana web store and Microsoft Dynamics AX.

Prerequisites

  • The server which hosts the Microsoft Dynamics AX Web service must support TLS 1.2. TLS 1.2 is available on Windows Server 2008 R2 and higher. It is not available on Windows Server 2008 by default, but you can install an update to add support for TLS 1.2 on Windows Server 2008.
  • Before configuring the Web service to use SSL, you must obtain a security certificate for the Web service domain. The certificate is issued by a certificate authority (CA). If this is a test environment, you can create and use a self-signed SSL certificate. The self-signed SSL certificate can be used only for testing purposes.
  • Internet Information Services (IIS) Manager.
  • Service Configuration Editor. This editor allows to configure Web service using a graphical user interface. With this tool you can configure the Web service without having to directly edit the "web.config" file. For more information, see "Configuration Editor Tool (SvcConfigEditor.exe)" in the MSDN Library.

    If you don't have the Configuration Editor Tool, you can make the necessary changes in the "web.config" file of the Microsoft Dynamics AX Web service.

Configure Internet Information Services (IIS) Manager to listen to HTTPS

Step 1: Open IIS Manager.

Step 2: In the IIS Manager select the web site where Microsoft Dynamics AX Web service is running.

Step 3: In the "Actions" pane on the right click "Bindings".

Step 4: In the "Site Bindings" window click "Add".

Step 5: Add site binding with "https" type and select the SSL certificate obtained from the certification authority.

Configure Microsoft Dynamics AX Web service to use SSL (automatic setup)

To make configuration of HTTPS for Microsoft Dynamics AX Web service easier, Sana provides a feature that allows to set up HTTPS automatically. You can set up HTTPS just with a single click directly in Microsoft Dynamics AX and Sana will do the rest.

In Microsoft Dynamics AX click: Webshop > Setup > Parameters. In the Parameters window, click Configure HTTPS.

It will create the necessary binding and endpoint and set up the required settings.

If you encounter some issues with setting up HTTPS from the Parameters window, please configure it manually as described below.

Configure Microsoft Dynamics AX Web service to use SSL (manual setup using Configuration Editor Tool)

Step 1: In Microsoft Dynamics AX go to: System administration > Setup > Services and Application Integration Framework > Inbound ports.

Step 2: Locate the Sana service created during installation and deactivate it, if it is activated.

Step 3: Click on the "Configure" button. Microsoft Service Configuration Editor will open where you can configure the Web service to use SSL.

Step 4: Create a new service binding of a "basicHttpBinding" type and set the binding settings as shown on the screenshot below.

Step 5: Under the "Security" tab select the "Transport" mode and "Windows" TransportClientCredentialType.

Step 6: Create endpoint and link it to the previously created binding.

Step 7: Under the "Service Behaviors" node open "serviceMetadata" and set "HttpsGetEnabled" to "True".

Step 8: When the Web service is configured to use SSL, activate it in the "Inbound ports" window.

Configure Microsoft Dynamics AX Web service to use SSL (manual setup in "web.config")

If you don't have the Configuration Editor Tool, you can make the necessary changes directly in the "web.config" file of the Microsoft Dynamics AX Web service on the server. You can open the "web.config" file in Notepad for example and make the necessary changes as described below.

Step 1: Add the following binding:

<binding name="https" receiveTimeout="00:02:00" sendTimeout="00:02:00" maxBufferSize="6553600" maxBufferPoolSize="5242880" maxReceivedMessageSize="6553600">
  <readerQuotas maxDepth="9999999" maxStringContentLength="9999999" maxArrayLength="9999999" maxBytesPerRead="9999999" maxNameTableCharCount="9999999" />
  <security mode="Transport">
    <transport clientCredentialType="Windows" />
  </security>
</binding>

Step 2: Add the following endpoint:

<endpoint binding="basicHttpBinding" bindingConfiguration="https" name="https" contract="System.ServiceModel.Routing.IRequestReplyRouter" />

Step 3: Find the following line and make sure that the value of the parameter "httpsGetEnabled" is "true".

<serviceMetada httpGetEnabled="true" httpsGetEnabled="true" />