Applies to: OutSystems PaaS versions prior to 9.1.301.0. For OutSystems 9.1.301.0 or higher, check here how to enable SSL/TLS.

This topic describes how to activate SSL/TLS for an environment, allowing users to access your applications using HTTPS.

In this example the Operations team activates SSL/TLS for the Production environment, so that end-users can access applications using HTTPS.

Benefits of Using HTTPS

HTTPS allows you to establish a secure communication channel between the end-user and your OutSystems environment. This way:

Moreover, when the environment is using HTTPS, the development environments and monitoring consoles use a secure connection to the environment.

Develop Applications Using HTTPS

In this example, some applications require exchanging sensitive information between the client and the server, like usernames, passwords, or credit card information. To ensure this information is not made available to third-parties, the development teams already implemented the applications to ensure that this information is transferred over HTTPS. Learn how to implement applications using HTTPS.

Before deploying the applications to the Production environment, you need to make sure it has SSL/TLS active, otherwise these parts of the application will simply not work: they require HTTPS but it is not active.

Acquire an SSL Certificate

In order for users to access applications using HTTP, the application server needs to have a valid certificate. For this, you need to acquire a certificate for your domain.

To acquire a valid certificate you need to:

  1. Create a DNS entry that points to your Production environment. For this, make sure you create with your DNS provider a CNAME Record Type that points directly to your Production environment load balancer.
  2. Purchase an SSL certificate from a Certificate Authority.

Activate SSL/TLS

Once you have acquired a certificate for your domain,, go to the 'Environments' screen, click the Production environment and in the environment details, under 'Security', choose 'Activate SSL/TSL'.

You can then upload the certificate and click 'Upload and Activate Service'. The certificate you upload needs to be in the .PFX format and include the Private Key. You should check with your Certificate Authority on how to obtain this file. If the certificate has a password, you should also include it in the upload, or wait to be contacted by an OutSystems Support Engineer.

An OutSystems Support Enginner then installs the certificate in the environment and your Production environment changes to signal that you have a secure connection configured. After this, your end-users can start accessing the applications using HTTPS.

Test Your Applications

If you are using HTTPS in parts of your applications, you should activate SSL/TLS in all environments. This will allow you to test the applications closer to the way end-users are going to use them.

For this, acquire a certificate for each environment and follow the instructions presented above.

See Also

Use a VPN to Set a Virtual Private Cloud