This article applies as of PRTG 22
Secure PRTG web interface connection
PRTG comes with a default SSL certificate. It allows you to securely use the PRTG web interface via HTTPS. The connection is encrypted and no unauthorized person is able to see your data.
However, since the default certificate does not match the domain name or IP address of your PRTG installation, your web browser will always show an alert The certificate is not correct when it connects to this server. This is despite the fact that transmission is secure.
Overview: PRTG web interface security options
Under Setup | System Administration | User Interface on the PRTG core server system, you can select different security options that specify how users connect to the PRTG web interface. The following table will give you an overview of the user's experience for the different options.
|Option||Security||User experience||Steps to take|
|Disable SSL||None (passwords and account information are not encrypted. Use only in secure LANs/VPNs. Do not use for PRTG installations that are publicly visible on the internet.)||User sees no warning||Under PRTG Web Server, set TCP Port for PRTG Web Server to Unsecure HTTP server (port 80)|
|PRTG default SSL certificate||Yes (unverified)||User sees a certificate warning||Under PRTG Web Server, set TCP Port for PRTG Web Server to Secure HTTPS server (port 443)|
|InstantSSL Free Trial certificate (90 days) - paid option for longer use available||Yes (Class 1)||User sees no warning - Specialty: The certificate can even be requested for a private IP address so the user sees no warning when using a private IP address to access the PRTG web interface||Under PRTG Web Server, set TCP Port for PRTG Web Server to Secure HTTPS server and install an InstantSSL Free Trial certificate|
|Paid extended options (for example, InstantSSL, GoDaddy)||Yes, extended (up to Class 3)||User sees a lock symbol in the address bar and the site appears in the browser as “secure”||Under PRTG Web Server, set TCP Port for PRTG Web Server to Secure HTTPS server and install a paid certificate|