How to enable HTTPS in case of on-premise installation?

Certificate setup

To set up a certificate open the appsettings.json file, which is located in the GitProtect Management Service installation directory (by default: C:\Program Files\Xopero ONE Backup&Recovery). It's a simple JSON file, which has to be modified. Find the comment_out_Kestrel section, which by default looks like this:

"commented_out_Kestrel": {
"Endpoints": {
"Http": {
"Url": "http://*:5000"

and modify it by erasing the commented_out_ prefix and providing HTTPS configuration as below:

"Kestrel": {
"Endpoints": {
"Http": {
"Url": "http://*:5000"
"Https": {
"Url": "https://*:5001",
"Path": "<.pfx file path>",
"Password": "<certificate password>"

Path - path to .pfx file (Remember to use double slash, so in case you're keeping the certificate in C:\cert.pfx directory provide the path in the following way: C:\cert.pfx) Password - certificate password

More information about the Kestrel configuration you can find:

GitProtect Management Service restart

After editing the appsettings.json files, remember to restart the management service.

  • Windows: net stop XoperoONEManagementService net start XoperoONEManagementService

  • Linux: systemctl restart XoperoONEManagementService

Once you'll set up the management service you need to switch agent communication to HTTPS! To do this you need to find config.json in the agent installation directory (by default: C:\Program Files\Xopero ONE Backup&Recovery Agent) and change their protocol. Edit this file with a text editor and modify the ServiceUrl parameter in the second line. In the same way, you can change the ports used by GitProtect.

Last updated