Securing HTTP Cookies Created by App Portal

If your App Portal website is running under HTTPS binding (https:// is visible in the URL), then you need to make a configuration change so that HTTP cookies will only be transmitted under HTTPS communication.

To secure HTTP cookies created by App Portal:

1.

Locate the following file on your App Portal Website server:

[App Portal Installation Location]\web\web.config

2.

Open the web.config file (as an Administrator) in a text editor.

3.

In the <httpCookies> element, change the value of the requireSSL parameter from false to true:

<httpCookies httpOnlyCookies="true" requireSSL="true" />

Important:If your organization is using HTTP binding (http:// is visible in the URL), then the requireSSL parameter must remain set to false.