AWS Setup and Configuration
- Setup and Configuration
- User Setup
- Browser Desktop Connection Protocols (Web CFDDFC only)
- Browser Desktop Free Licence (Web CFDDFC only)
- Service Quotas
Information before Launching an Instance
[ AWS Setup | Launch in the Console | Launch with the CLI ]Problem with these instructions? Please send a CFDDFC Support Query.
Port 8443
The following instructions are only required if you plan to use Web CFD Direct From the Cloud (CFDDFC®). Web CFDDFC provides a remote desktop connection to an AWS instance (virtual machine) via a web browser. The server running the remote desktop listens on Transmission Control Protocol (TCP) port 8443. It uses HTTPS with Transport Layer Security (TLS) for secure communication using encryption. The user reaches the instance via a web browser using a URL beginning https://
(for HTTPS) and ending :8443
(for port 8443), with the public IP address of the instance in between, e.g. https://123.45.67.89:8443
for IP address 123.45.67.89
.
You must therefore be able to connect to the Internet via port 8443. A normal internet connection will permit such connections, but it is possible that a firewall is configured which closes port 8443 to network traffic. To check if port 8443 is open to you, we provide our test server at https://test.cfd.tools:8443
. Enter the URL into a web browser to test, noting that it begins https
not http
. If the connection fails to open anything in the browser, then port 8443 is closed. Speak to your system administrator about their configuration of the firewall and request an exemption to open port 8443.
Self-Signed TLS Certificate
Otherwise, if the connection is successful, your browser will most likely display a page warning you about a potential security risk. The warning relates to secure connection using HTTPS, which requires a TLS/SSL certificate. TLS/SSL uses Public Key Encryption for secure communication, based on a key-pair with public and private keys. A certificate includes the public key from the key-pair, with the private key stored by a trusted source which does not divulge that key. A Certificate Authority (CA) is a third-party which is trusted to store the private keys of relating to websites accessed by a domain name, e.g. https://cfd.direct
. Web browsers trust sites backed by a CA.
However, a CA cannot issue a certificate for an IP address. The server running the remote desktop for Web CFDDFC instead issues a “self-signed” certificate, with its own public and private keys which are newly generated when the instance is launched. The key-pair is unique to that instance, so cannot be compromised by a third-party (unless they gain access to the instance and copy the private key file). Therefore, in response to your web browser warning of a securing risk, you can confidently click Advanced and Accept the Risk and Continue to apply an exemption for this self-signed certificate. If you are unable to issue an exemption in your web browser, there is likely a security feature enabled on your computer preventing you from doing so. If this happens, speak to your system administrator.
After applying the exemption, the page is served, which simply contains the word “success
”.