Is your on-premise installation of eWay-CRM still using HTTP? This is an unencrypted protocol that keeps your data exposed when your eWay-CRM in Outlook communicates with the server component. Can you please double-check it for us?
We understand that you may have implemented strategies (such as a VPN or other protocols) to improve your security, however, we believe that HTTPS is a standard these days – especially so when it comes to protecting customers' data.
This is why eWay-CRM 7.2 will not continue to support HTTP.
What are your options?
Option #1 - For web service addresses containing a domain name (e.g. www.yourdomain.com/eway OR eway.yourdomain.com)
1. Get an SSL certificate.
There are plenty of SSL providers that will issue an SSL certificate (many are even free). You can use services like letsencrypt.org, SSL.com, or find a provider you trust.
2. Install the SSL certificate to IIS.
Most of the SSL issuers provide you with a step-by-step guide on how to install their certificates to IIS. Here is a great tutorial made by SSL.com - Install an SSL/TLS Certificate in Windows IIS 10.
3. Apply the SSL certificate to eWay-CRM Web Service Address.
When your certificate is successfully installed in IIS, apply it to the eWay-CRM Web Service by following the steps in this article - How to Secure eWay-CRM Using SSL Certificate.
4. Change the address in your client devices (settings / registry).
Open your Outlook, click on the eWay-CRM tab, and go to eWay-CRM Settings.
Under the Connection tab, you can enter your new web service URL, then click OK. You will then be prompted to restart your Outlook.
As soon as this is done, your eWay-CRM will start successfully communicating with your server component over an encrypted protocol. Congratulations!
Don’t forget to change your web service address on your mobile app, too.
Option #2 - For web service addresses containing the IP address or a custom TLD (e.g. yourserver.local)
If you can’t set up the eWay-CRM web service hostname, you can issue a self-signed SSL for your IP address / custom TLD. This option is not perfect, but it’s still better than keeping your data completely insecure with HTTP.
1. Get a self-signed SSL certificate.
We made a simple tutorial that will help you with this - How to Create a Self-Signed Certificate for Local IP Address.
2. Install the SSL certificate to IIS.
There are plenty of tutorials online. You can use this one made by SSL.com - Install an SSL/TLS Certificate in Windows IIS 10.
3. Apply the SSL certificate to eWay-CRM Web Service Address.
When your certificate is successfully installed in IIS, apply it to the eWay-CRM Web Service by following the steps in this article - How to Secure eWay-CRM Using SSL Certificate.
4. Change the address in your client devices (settings / registry).
Open your Outlook, click on the eWay-CRM tab, and go to eWay-CRM Settings.
Under the Connection tab, you can enter your new web service URL, then click OK. You will be prompted to restart your Outlook.
As soon as this is done, your eWay-CRM will start successfully communicating with your server component over an encrypted protocol. Congratulations!
Don’t forget to change your web service address on your mobile app, too.
Option #3 - Move your web service to our Cloud
If you cannot secure the SSL certificate or simply don’t want to spend the time to move it, you may move your server component to one of our data centers.
We have two – one located in the U.S. and the other one located in European Union.
We use SSL, we secure your data with Cloudflare, and we are compliant with ISO 27001. In other words, your data will be perfectly safe.
We are here to help. Please don’t hesitate to contact our support in case of any questions.
