Login ProductsSalesSupportDownloadsAbout |
Home » Technical Support » Elevate Web Builder Technical Support » Support Forums » Elevate Web Builder Web Server and Modules » View Thread |
Messages 1 to 10 of 15 total |
Setting up a https connection to EWB |
Tue, Nov 1 2016 6:30 PM | Permanent Link |
KimHJ Comca Systems, Inc | I have a Windows 2012 R2 server hosted on 1and1 and I have a SSL certificate which I installed using MMC.
I search and search but it can't find anything about how to make a https connection to EWB. I have created a webservice for our phone app that returns json. Later I need to make a website where we can access the data. Right now I can access it using http://web.mywebsite.com:8080/modules/testapp? Have anyone made this work? I appreciate any help, thanks. Kim Jensen |
Tue, Nov 1 2016 8:04 PM | Permanent Link |
KimHJ Comca Systems, Inc | I found a post where Tim said to use stunnel, just installed it and pointed to the pfk file and it worked, very easy to setup.
Kim |
Tue, Nov 1 2016 8:49 PM | Permanent Link |
Raul Team Elevate | On 11/1/2016 8:04 PM, KimHJ wrote:
> I found a post where Tim said to use stunnel, just installed it and pointed to the pfk file and it worked, very easy to setup. Yes - stunnel is the current suggested solution as EWB server natively does not yet do SSL. Make sure your EWB server is only listening on the 127.0.0.1 ip - so it's not accessible directly and any connections must go thru stunnel to reach it Raul |
Tue, Nov 1 2016 11:30 PM | Permanent Link |
KimHJ Comca Systems, Inc | Raul wrote:
>>Make sure your EWB server is only listening on the 127.0.0.1 ip - so >>it's not accessible directly and any connections must go thru stunnel to >>reach it I did, and the incoming port is redirected so http will not work. Kim |
Wed, May 2 2018 2:42 AM | Permanent Link |
Paul Waegemans IMS bvba | Kim,
Do you have a step by step procedure to install stunnel. How did you do the pointing to the pfk file? Paul Waegemans. KimHJ wrote: I found a post where Tim said to use stunnel, just installed it and pointed to the pfk file and it worked, very easy to setup. Kim |
Wed, May 2 2018 2:13 PM | Permanent Link |
jdforce | Paul,
Check this link: https://www.techwalla.com/articles/how-to-configure-stunnel-windows I have a Dedicated Windows server with live IIS, secured with a comodo SSL. I don't think sTunnel will work along with IIS actively listening on the same port (443). If that is your case you will have to use another port for incoming connections and redirect to your EWS port. JD |
Mon, May 7 2018 8:18 PM | Permanent Link |
KimHJ Comca Systems, Inc | Paul Waegemans wrote:
>>Kim, Do you have a step by step procedure to install stunnel. How did you do the pointing to the pfk file? Paul Waegemans. << I copied my pfx (not pfk) into a folder on my server. I installed the setup file and then I change HTTPS setting by open Tunnel ( Double click) click Configuration / Edit configuration Scroll down to HTTPS [https] accept = 8088 connect = 8099 cert = C:\myfolder\mysite.com.pfx Save an restart tunnel. Look in the log if any errors when it starts. That is all. Now I can Https;//app.mysite.com:8088 and it will go to the database port 8099 Kim |
Thu, May 17 2018 3:27 PM | Permanent Link |
jdforce | I found that even though stunnel works with our server, using the same Comodo SSL certificate, and receives a connection from one port and redirects to another, the browsers are complaining about the redirect. I could connect with and old firefox and an older IE version, but all the updated browsers deny connecting because of the port redirection over https. It seems it is a rule that must be enforced.
Am not sure it if is a certificate rule or a browser security rule in general, but anyway opening a js application fails unless it is over plain http or the connection is directly without port redirect on the server. So, while it is maybe possible to lower the browser security settings, it surely will put a computer on risk. The best solution will be to make EWB server use SSL certificates without intermediaries. |
Thu, May 17 2018 8:37 PM | Permanent Link |
Raul Team Elevate | On 5/17/2018 3:27 PM, jdforce wrote:
> I found that even though stunnel works with our server, using the same Comodo SSL certificate, and receives a connection from one port and redirects to another, the browsers are complaining about the redirect. I could connect with and old firefox and an older IE version, but all the updated browsers deny connecting because of the port redirection over https. It seems it is a rule that must be enforced. Why would there be a redirect - stunnel should be totally transparent. How did you set it up exactly. Stunnel works fine for me with modern browsers over ssl : tried Chrome 66.0.3359.139 and Firefox 60.0.1 (64-bit) > The best solution will be to make EWB server use SSL certificates without intermediaries. Sure but in this case looks like issue with your config. Basic config in my case here's what i'm doing 1. ewb web server configured to listen on 127.0.0.1 and port 8888 2. stunnel configured as follows [https] accept = 443 connect = 127.0.0.1:8888 CAfile = <path to CA cert file> cert = <path to server cert> key = <path to cert private key> TIMEOUTclose = 0 3. connecting to https://<my domain>/<ewb app path> works fine for me Raul |
Fri, May 18 2018 12:54 PM | Permanent Link |
Tim Young [Elevate Software] Elevate Software, Inc. timyoung@elevatesoft.com | << I found that even though stunnel works with our server, using the same Comodo SSL certificate, and receives a connection from one port and redirects to another, the browsers are complaining about the redirect.>>
Raul is correct - there is no redirect occurring and the browser should not even know that Stunnel is involved. This is how reverse proxies work: https://en.wikipedia.org/wiki/Reverse_proxy Tim Young Elevate Software www.elevatesoft.com |
Page 1 of 2 | Next Page » | |
Jump to Page: 1 2 |
This web page was last updated on Thursday, March 28, 2024 at 08:36 AM | Privacy PolicySite Map © 2024 Elevate Software, Inc. All Rights Reserved Questions or comments ? E-mail us at info@elevatesoft.com |