Create IIS Site for Colectica Repository

  1. In IIS, right click your machine and select Add Website. Use the following information.

    Site Name

    ColecticaRepository

    Physical path

    The RepositoryDir\ directory to which you extracted the Colectica Repository binaries

    Binding Type

    net.tcp

    Binding Information

    19893:*

    ../../../_images/iis-repository-add-website.png

    After entering the information, click OK.

  2. In the newly created Application Pool, make sure the .NET Framework Version is set to 4.0.

    ../../../_images/iis-repository-application-pool.png
  3. Right click the ColecticaRepository Application Pool, and choose Advanced Settings. Find the Identity property, and change the value from ApplicationPoolIdentity to NetworkService, or whatever service account you have designated to run the repository.

    ../../../_images/iis-repository-application-pool-advanced.png
  4. Right click the ColecticaRepository site and choose Edit Bindings.

  1. Click Add to add an HTTPS Binding. Enter the following information.

    Type

    https

    Port

    19894

    SSL Certificate

    Select an appropriate certificate for Colectica Repository

    ../../../_images/iis-repository-https-binding.png

    See also

    If you do not have a certificate, see the Certificate section below.

    After entering the information, click OK.

  2. In the Site Bindings dialog, click Add again to add an HTTP binding. Enter the following information.

    Type

    http

    Port

    19895

    Hostname

    The desired hostname

    ../../../_images/iis-repository-http-binding.png

    After entering the information, click OK.

  3. The Site Bindings dialog should now show three bindings.

    ../../../_images/iis-repository-site-bindings.png

    Click Close.

  1. Right click the ColecticaRepository site and choose Manage Web Site ‣ Advanced Settings.

  1. Set Enabled Protocols to http,https,net.tcp

    ../../../_images/iis-repository-advanced-settings.png

    Note

    IIS requires that there are no spaces between the comma-separated list of enabled protocols.

Certificate

  1. Obtain a certificate and install it in the local machine’s certificate store. If you do not have a certificate for use above, you can create a self-signed certificate.

  1. A self-signed certificate can be created using PowerShell as an administrator:

    New-SelfSignedCertificate -DnsName "<hostname>" -CertStoreLocation "cert:\LocalMachine\My" -KeyLength 2048 -KeyExportPolicy Exportable -KeySpec KeyExchange
    

    Be sure to replace <hostname> with the appropriate hostname.

  1. Give read permission to the appropriate service account.

  1. Run the Certificate MMC addin and find the newly installed certificate.

  2. Right click the certificate and choose All Tasks ‣ Manage Private Keys.

  3. Add the NETWORK SERVICE account, or whichever service account will run the software, and make sure Read access is enabled.