This guide covers enabling full SSL support on your AES instance.

We will assume that you have your certificates ready to go, if you need to generate a CSR you can do this in the AES settings.

In general uploading your SSL certificates is easy, but the order is crucial.

If you have a key file you must upload this first. Click on the blue arrow next to the key file, select the key file, and then hit upload. You will get a response saying it was uploaded, and see the path to the key file change. If this doesn't occur, you should try again.

Once the key file is uploaded, you can now upload the main certificate. Again, click the corresponding blue arrow, select the certificate file, and upload it. Once the certificate is uploaded, the server will need to restart the http server. If the certificate is applied successfully, the server will restart and you will see the new certificate in the path name.

Once the certificate file is uploaded, you are generally good to go. However, if you have a chain or CA file you should upload these now. Once these are uploaded, you will need to restart the server to have them take effect.

The last step is to optionally force HTTPS only. On the settings page, under security find the "Activate SSL encryption (https://) for all Private Server web pages" switch, and turn it on. Now return home, reload the page, and see the server force you to HTTPS.

NOTE: If you are forcing HTTPS only, you cannot use the airconsole in Websockets transport mode, you must use raw HTTP.