Configure KFS 4.3 to Accept Secure Communication Using HTTPS

Issue

How to configure Kofax Front Office Server (KFS) 4.3 to accept secure communications using HTTPS.

Cause

By default, the KFS 4.3 installer will configure KFS and IIS to accept HTTP communications.

Solution

To enable HTTPS on the KFS server:

1. Open the Internet Information Services (IIS) Manager.
    
2. Select the Site that hosts the Kofax application.
    
3. From the Actions menu, select Bindings.
   
    
4. If a binding for https does not already exist, click Add.
    
5. Set the Type to https
    
6. Set the IP Address to All Assigned
    
7. Set the Port to 443
    
8. Leave the Host name field blank.
    
9. Select the desired SSL certificate that will be used to secure the connection.

   Best Practice is to select a Certificate Authority-signed SSL certificate where the Issued To: value matches the Fully Qualified Domain Name of the KFS server or the Proxy Server.

10. Click OK.
     
11. Close the Site Bindings window.
     
12. Open a Command Prompt "as administrator".
     
13. Enter the following command to navigate to the kfsservice folder:
    cd "C:\Program Files (x86)\Kofax\Front Office Server 4.3\kfsservice"

    The path in the command above is for the KFS 4.3 default installation location. If KFS was installed to a custom location, alter the above path accordingly.

14. Enter one of the following commands to configure KFS:
    • To accept communications over HTTPS only:
      KfsConfig.exe /CONFIGURECOMPATIBILITY=https
    • To accept communications over both HTTP and HTTPS:
      KfsConfig.exe /CONFIGURECOMPATIBILITY=both
       
15. In the Internet Information Services (IIS) Manager, select the Site that hosts the Kofax application and from the Actions menu, under Manage Website, click Restart.

Level of Complexity 

Moderate

Applies to  

References

N/A

​