Network flows are not encrypted between Glide and PAR-WHTP in self-hosted instancesSummaryWith self hosted installation, Network flows are not encrypted between Glide and PAR-WHTP.The consequence is that all the information sent to these services can be read and modified by a malicious third party on the same network subnet.In some cases, the exchanged information is Personal data.There is also no guarantee the glide service talks to the real PAR-WHTP and not a man in the middle.This could as well be a compliance issue sometimes.ReleasePAR-WHTP doesn't support HTTPS at this for now. Some customers have worked around this by setting up a local web proxy on their PAR-WHTP server that listens via HTTPS and forwards the connection to the local PAR-WHTP service via HTTP, so that the unencrypted traffic doesn't traverse the network. Currently, we don't have any documentation on that setup, and can't provide technical support for it. However, if you want to try that, you will need to create a new system property in your ServiceNow instance 'com.snc.whtp.connection_timeout'(create if not there) and set the value to '10000' to increase the connection timeout for WHTP connections, as the default one is too short to allow for the overhead of an HTTPS handshake.Refer:https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1573009Related LinksHowever, HTTPS support for par servers has critical priority and our development team is planning to roll out this feature in the PARExport Server v1.7 which is going to be available in first quarter of 2024(tentative). Please note that this feature may not be part of this release as well as this is in planning stage only.