Destiny® HTTPS support

Destiny supports secure access using the Hypertext Transfer Protocol Secure protocol (HTTPS). With HTTPS configured, Destiny automatically uses HTTPS for functions where sensitive information is handled, such as logging in or editing a patron. In combination with a proxy server, it can significantly improve the security of your server.

To support HTTPS, Destiny requires an SSL certificate. The certificate is used to encrypt traffic between your browser and Destiny. Although Destiny ships with a sample certificate, it should not be used in a production environment.

Before deploying your certificate, it must be validated in a process known as signing. Although it is possible to sign a certificate yourself, such certificates are not recognized by browsers and trigger security alerts when used.

Most school districts have their certificates signed by a recognized certificate authority such as Verisign or Thawte. Certificate authorities charge a fee to sign your certificate, and typically require a yearly renewal. You must also import the certificate authority's root certificate. However, certificates signed by a certificate authority are recognized by browsers and don't trigger security alerts.

To configure HTTPS support for Destiny:

1. Generate a keystore and a new certificate.
2. Export a certificate signing request for the certificate in your keystore and upload the signing request to your certificate authority.
3. Download the certificate authority’s root certificate and import it into your keystore.
4. Download the certificate signing reply from your certificate authority and import it into your keystore.
5. Configure your Destiny® server.