You are using an unsupported browser. Please update your browser to the latest version on or before July 31, 2020.
Welcome to the CAREWare FAQ Page
announcement close button
Home > CAREWare > Using HTTPS for communication between the HTTP server and Business Tier
Using HTTPS for communication between the HTTP server and Business Tier
print icon


These instructions describe the procedure for setting up secure HTTPS message exchanges between the CAREWare 6 HTTP server and Business Tier.

Set up TLS certificate

Obtain an X.509 TLS certificate from a trusted Certificate Authority and use the Windows utility certlm to install it to the Trusted Root Certification Authorities certificate store on the machine that hosts the Business Tier. If certlm is not found in the Start Menu, you should be able to find it at

"C:\WINDOWS\SYSTEM32\CERTLM.MSC". Next, use the netsh command to bind this X.509 TLS certificate to the IP address and port number on which the Business Tier will accept incoming messages from the HTTP server. The syntax for this command is:


Values that you will need to specify are as follows:


The ip address and port number on which the Business tier will listen. You can specify a specific IP address here or leave it as to listen on all IP addresses that refer to this machine.


This will be “Root” if the certificate was added to the Trusted Root Certification Authorities store. appid

Generate a random GUID to identify the CAREWare HTTP server and use it for this parameter. certhash

This is also known as the “thumbprint” of the certificate. Using certlm, navigate to Trusted Root Certification Authorities/Certificates and double-click on the X.509 TLS certificate you added earlier. Click on the Details tab of the dialog box that opens and scroll down to the Thumbprint field to find this value.

Set up CAREWare to use HTTPS

Locate the CAREWare HTTP server’s configuration file: res_admin_settings.txt, located at:

C:\Program Files\CAREWare HTTP Server\cwhttp\res_admin by default. The first section of the URLs in the fields “state_url” and “get_doc_url” will be “http” if CAREWare is currently configured to use unencrypted communication between the Business Tier and HTTP server. Change the “state_url” and “get_doc_url” values so that they begin with “https” instead of “http”.

Use the CW Admin utility to change the Server Settings value with the tag “CWBusinessTierProtocol” from “http” to “https”.

Once these settings have been saved, restart both the Business Tier and the HTTP server. Log into CAREWare to test that https communication is working. Note that these steps DO NOT configure CAREWare to use HTTPS for communication between the browser and the HTTP server.

0 out of 0 found this helpful


scroll to top icon