Guide for HTTPS For Windows (Self-Signed Certificate)

I’m not sure this is the right place to put this(Feel free to move it), it’s is not a support issue. More a guide to Setup HTTPS for Windows Server 2016+. I struggled a few hours to get this to work.

I used Setting up secure HTTP with AMP · CubeCoders/AMP Wiki · GitHub, but i couldn’t get this to work with the serial number from the certificate, so i did it in another way

My AMP Installation is not exposed to the web, but i couldn’t change to a static RCON password for my rust server, therefore i had to set the SSL.

  1. Create Self-Signed Certificate:
New-SelfSignedCertificate -CertStoreLocation Cert:\LocalMachine\My -DnsName "mylocalsite.local" -FriendlyName "MyLocalSiteCert" -NotAfter (Get-Date).AddYears(10)

This creates a self-signed certificate which will expire after 10 years

  1. Go to windows certificate manager and export the certificate as .pfx
Run > mmc.exe > File > Add/Remove Snap in > Certificates

Go to Personal > Certificates > Right-Click on the new certificate > Export

I copied my certificate.pfx file inside the AMP-Datastore folder

  1. Shutdown all AMP Instances and ADS
ampinstmgr stopallinstances
  1. Edit the AMPConfig for the ADSInstance
  1. Edit the AMPConfig for instance(s) to use https to the backend auth server
  1. Start up ADS Again

  2. Access the new url with https :

This is not a trusted certificate due to unknown RootCA, so it will appear as “Not Secure”.
But it’s still SSL and now i could change to a static RCON password for my rust server :slightly_smiling_face:

Be mindful that if you use controller/target mode this won’t work. AMP is specifically rigged to reject self-signed certificates for security reasons.