HTTPS will be enforced across all Bold360ai web application touchpoints going forward and HTTP-only widget configurations will no longer be supported as of December 31, 2021

Access to the Genesys DX AI management (*.nanorep.co) will only be accessible through HTTPS.

Why is this happening?

Encrypted communication is essential for safe transmission of data between the web server and browsers. Unlike HTTP, HTTPS establishes a secure connection by encrypting data. 
If an application does not use HTTPS, it is vulnerable to information disclosure and MITM attacks which attempt to strip encryption between the server and the client.

Changes in the Bold360ai 

After the change is introduced to the servers, you can only reach the servers through HTTPS. Servers are going to deny ALL HTTP requests.

Required actions

Bold360ai admin site
  • Visit your admin site only through HTTPS
  • Update any HTTP protocol bookmarks  to HTTPS.

  If admins try to reach the site through HTTP, the server denies access.

Deployed widgets
  • Redeploy widgets where the configuration does not enforce HTTPS communication.

 Widgets use the protocol of the site visitor, so if the widget does not enforce HTTPS communication, the widget appears broken to the visitor.

 NoteThe change does not affect widgets with enforced HTTPS configuration.

API endpoint calls
  • Update the address of your servers with the HTTPS protocol, so all API calls use the right address.

API calls where the protocol is HTTP get a deny response from the server.