Update steps to enable SSL in ESP

Description

, update the steps for setting up SSL in ESP. , may have run into issues with the current documentation. Dan, Claudio, can you provide additional information?

(The Installing and Running the HPCC Platform manual. Around page 72, there is the SSL configuration for ESP. The image on that page shows the bindings drop-down. Instead of selecting myesp, select eclwatch. Of course, you need to create your RSA keys, your CSR, request a certificate and upload the private key and certificate first.)

The documentation was originally written in 2012 and may have been updated along the way and we have missed something. https://hpccsystems.atlassian.net/browse/HPCC-8273

Conclusion

None

Activity


Dan Camper August 2, 2019 at 5:38 PM

Figure 12 is the referenced image, I think. Someone else made that comment.

Greg Panagiotatos August 2, 2019 at 5:19 PM
Edited

wrote: "The image in that page shows the bindings drop down. Instead of selecting myesp, select eclwatch."
Could not determine which image this refers to. Is it Figure 12. myws_ecl, appearing on page 87 of the current version of the Installing doc? https://d2wulyp08c6njk.cloudfront.net/releases/CE-Candidate-7.4.4/docs/EN_US/Installing_and_RunningTheHPCCPlatform_EN_US-7.4.4-1.pdf#page=87 seems to be the closest match.

Dan Camper July 15, 2019 at 12:02 PM

I tested this conversion of http to https on my dev cluster a couple of weeks ago. The documentation is pretty good already but there are a couple of items that, in hindsight, could be clarified or extended:

  • The server keys (whether they are self-signed or imported) will be read at runtime by the esp process. For security reasons, it is probably important the installed keys have correct ownership and permissions. certificate.cer (the public key) should be owned by user hpcc with permissions 0444 (or 0644); privatekey.cer (the private key) should be owned by user hpcc with permissions 0400 (or 0600). This change is just for better security; the instructions work as-is.

  • The documented instructions talk about adding https services, but do not address converting an unsecured cluster to a secured cluster. It is not difficult to figure out: Delete the http-based services. However, if the end goal is to convert to secured (rather than just add secured support) then it is far simpler to just change the protocol of the existing services from http to https.
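
One way to check the ownership and permissions recommended in the comment above, as an added example that is not part of the ticket or the HPCC documentation. The key directory is passed as an argument because the ticket does not name it, the function names are hypothetical, and GNU `stat` on Linux is assumed.

```shell
#!/bin/sh
# Added example: audit the ESP certificate and private key files against the
# guidance above (owner hpcc; certificate 0444/0644; private key 0400/0600).
# Assumptions: GNU stat (Linux); the directory is supplied by the caller.

# check_file PATH OWNER MODE_A MODE_B -> 0 if owner and mode are acceptable
check_file() {
    path=$1; want_owner=$2; mode_a=$3; mode_b=$4
    if [ ! -f "$path" ]; then
        echo "MISSING  $path"
        return 1
    fi
    cur_mode=$(stat -c '%a' "$path")    # octal mode, e.g. 600
    cur_owner=$(stat -c '%U' "$path")   # owning user name
    rc=0
    if [ "$cur_owner" != "$want_owner" ]; then
        echo "OWNER    $path: $cur_owner (want $want_owner)"
        rc=1
    fi
    if [ "$cur_mode" != "$mode_a" ] && [ "$cur_mode" != "$mode_b" ]; then
        echo "MODE     $path: $cur_mode (want $mode_a or $mode_b)"
        rc=1
    fi
    if [ "$rc" -eq 0 ]; then
        echo "OK       $path: $cur_owner $cur_mode"
    fi
    return "$rc"
}

# audit_esp_keys DIR [OWNER] -> 0 only if both files pass
audit_esp_keys() {
    key_dir=$1; key_owner=${2:-hpcc}
    status=0
    check_file "$key_dir/certificate.cer" "$key_owner" 444 644 || status=1
    check_file "$key_dir/privatekey.cer"  "$key_owner" 400 600 || status=1
    return "$status"
}

# Run the audit only when a directory is given on the command line.
if [ "$#" -ge 1 ]; then
    audit_esp_keys "$@"
fi
```

A non-zero exit status means at least one file is missing, owned by the wrong user, or has a mode outside the two accepted values.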

Fixed

Created July 14, 2019 at 11:32 PM
Updated September 13, 2019 at 8:08 AM
Resolved September 13, 2019 at 8:08 AM