Login ProductsSalesSupportDownloadsAbout |
Home » Technical Support » Elevate Web Builder Technical Support » Support Forums » Elevate Web Builder General » View Thread |
Messages 11 to 16 of 16 total |
EWB server / SSL & PHP.. |
Tue, Mar 17 2015 9:55 AM | Permanent Link |
Matthew Jones | Raul wrote:
> For the duration of the testing i would suggest you add your > self-signing CA to your browser/OS trusted CA list so you do not get > prompted. This way you know it's not self-signed cert issues (and you > can then remove it once it all works and if issue reappears you know > what it is). > > The other suggestion is to use the use the debugging tools in the > browser to see what actually happens underneath. All major browsers > have very powerful debugging/developer tools built-in Good suggestions. I shall also mention something that I do, if you have a wildcard certificate (or indeed any I suppose). I have a certificate for *.mydomain.com, so I set up a DNS entry for my own PC as localhost. So devpc.mydomain.com takes me to 127.0.0.1, but that means that the certificate is fully valid for the browser while I'm developing. Once I did this, a lot of little things just went away. For the additional cost, being able to have the same certificate in development, staging and live is worth it. -- Matthew Jones |
Sun, Mar 22 2015 1:32 AM | Permanent Link |
Bruno Larochelle | Fellas.. I finally got around to fiddling some more with this, with some success!
1. By running both the 'HTML server' and the 'Data server' on httpS .. I was able to have my web application work properly. (one EWB server dishing out the html on port 442->8080, the other EWB server dishing out the data on port 443->8088). Since I'm using a self-signed CA.. I get warned when I start the application, and then once again when I load the dataset. CORS did not need to be enabled on either one (I was pleasantly surprised at that). 2. I was impressed/happy that sTunnel allowed 2 httpS re-directs, simply by adding a second [https] section with the appropriate 'accept/connect' pair in the config file. 3. Now that I know that works, I will try to use IIS on the HTML (httpS), and ewb (httpS) for the data. That will give me some of the IIS features I want for HTML. 4. For whatever reason, this mix of http (for html) with httpS (for data) on the same web app was causing me trouble (permission denied when connecting to dataset). Maybe that can be done, but I was unable to find it. So, for now, I have all I really need to proceed. Still lots to learn to ensure secure data/sessions, but it's moving along! And I'm digging deeper into the debug tools that the browsers provided (albeit just starting). Thanks again to you gentlemen for the assistance and recommendations. off topic.. next is to purchase a wildcard certificate.. any recommendations for a vendor? I find the prices vary enormously..! .. Bruno "Matthew Jones" wrote: Raul wrote: > For the duration of the testing i would suggest you add your > self-signing CA to your browser/OS trusted CA list so you do not get > prompted. This way you know it's not self-signed cert issues (and you > can then remove it once it all works and if issue reappears you know > what it is). > > The other suggestion is to use the use the debugging tools in the > browser to see what actually happens underneath. All major browsers > have very powerful debugging/developer tools built-in Good suggestions. I shall also mention something that I do, if you have a wildcard certificate (or indeed any I suppose). I have a certificate for *.mydomain.com, so I set up a DNS entry for my own PC as localhost. So devpc.mydomain.com takes me to 127.0.0.1, but that means that the certificate is fully valid for the browser while I'm developing. Once I did this, a lot of little things just went away. For the additional cost, being able to have the same certificate in development, staging and live is worth it. -- Matthew Jones Logiciels Bitwise Software Edmonton, AB, Canada |
Sun, Mar 22 2015 7:22 AM | Permanent Link |
Walter Matte Tactical Business Corporation | Bruno:
This is direct help to you but I just mention it as a solution for anyone to consider. I use RealThinClient components and built my own web server. The product comes with a complete demo web server from which I drew upon to do the serving of files (web pages) from disk. I added all the backend database connectivity via a database pool modules I wrote that create JSON and parse JSON to the specifications required for EWB + I can have any code need to solve specific project requirements. I have 3 interchangeable database pool modules - DBISAM, ElevateDB and UniDAC components (MSSQL in my case). RealThinClient has a plugin for SteamSec components - so adding them to the mix gave me HTTPS by dropping 2 components into the project and hooking up a couple of properties. I have two version of each server - a Standalone exe and a Service version. This allows easy debugging of code, before deploying the Service Web Server. BTW the RealThinClient Demo Web Server handles PHP pages - you need to download the latest PHP from www.php.net. Walter |
Sun, Mar 22 2015 9:46 AM | Permanent Link |
Matthew Jones | Bruno Larochelle wrote:
> off topic.. next is to purchase a wildcard certificate.. any > recommendations for a vendor? I find the prices vary enormously..! Not sure how they do on price, but I bought mine from http://www.trustsign.co.uk/ and they seem okay. I went for the organisation one this time, but the domain SSL was fine. The only thing is to not make the mistake I did, and buy the Domain SSL when you want the Domain SSL Wildcard (I actually chose the Organisation ones this time). Fortunately they spotted it as I'd put in *.mydomain.com as the common name, called me within a minute, and had me correct it (by cancelling on the system, then buying the right one). -- Matthew Jones |
Mon, Mar 23 2015 8:26 AM | Permanent Link |
Raul Team Elevate | On 3/22/2015 1:32 AM, Bruno Larochelle wrote:
> off topic.. next is to purchase a wildcard certificate.. any recommendations for a vendor? I find the prices vary enormously..! You will likely end up with one of the Comodo certs as they tend to be most reasonable. I know we got ours from kSoftware last time we needed one: https://secure.ksoftware.net/ssl_certs.html And make sure you default to SHA-2 at this point in time (i think everybody has stopped issuing certs with SHA-1 hashing but check just in case). Raul |
Mon, Mar 23 2015 1:57 PM | Permanent Link |
Tim Young [Elevate Software] Elevate Software, Inc. timyoung@elevatesoft.com | Raul,
<< I know we got ours from kSoftware last time we needed one: https://secure.ksoftware.net/ssl_certs.html >> I second kSoftware - very inexpensive and responds promptly to any issues. We use them exclusively for our certs, both code-signing and web server. Tim Young Elevate Software www.elevatesoft.com |
« Previous Page | Page 2 of 2 | |
Jump to Page: 1 2 |
This web page was last updated on Wednesday, October 9, 2024 at 05:37 AM | Privacy PolicySite Map © 2024 Elevate Software, Inc. All Rights Reserved Questions or comments ? E-mail us at info@elevatesoft.com |