Set the entire PowerPAC site to https only

You can use SSL to secure the entire PowerPAC site, not just patron information (see Secure Socket Layer (SSL)). However, if you use content from third-party vendors, be aware that your patrons may receive messages about allowing unsecured content. If you think the messages will be a problem, contact your vendors to see if they can use https. (If so, you will need to change their Enriched Data URL settings from http to https. See Polaris Social with ChiliFresh Connections.)

To set up the entire PowerPAC site to use https:

Note:
If you have set a patron inactivity timeout for PAC workstations in the library, and SSL is enabled for the entire site, the 60-second countdown timer appears in the status bar only if you add the site to the trusted sites list in Internet Explorer. For more information about the inactivity timeout, see Patron Inactivity Timer.

1. Install an SSL Certificate on the Web server.
2. In Polaris Administration, set the Web server PAC parameter SSL: Enable to Yes.
3. In Polaris Administration, change the Web server PAC parameter URL of the PowerPAC’s root to begin with https instead of http.
4. Using the IIS Manager on the Web server, change the SSL Settings at the root of the Polaris Web application to Require SSL.

 

5. Using the IIS Manager, set up a custom error page for a status code of 403.4 that will redirect the browser to the secure version of the PAC.

 

 

6. Using the IIS Manager, edit the Feature Settings to use either Custom error pages or Detailed errors for local requests and custom error pages for remote requests.