Saturday, November 18, 2017

Intraweb SSL Standalone

Intraweb  SSL for Stand Alone

 

Assumes you have your own domain to try this on as cert purchased requires you prove control of the domain.  Otherwise, you need to have person controlling the domain working with you.

 

  1. Get Certificate at namecheap.com Positive SSL is only  (US) $9    Why do I recommend them, because cert comes in PEM format. No messing with converting cert form windows etc…
  2. Get Open SSL 32 bit  Package   for example : https://slproweb.com/products/Win32OpenSSL.html
    1. As of this writing its Win32OpenSSL-1_1_0g.exe download the developer package , thought the light package may also work.
  3. Install Open SSL
    1. Install to default path
    2. Copy ssl binarys to openssl\bin folder for now
  4. Use the batch file containing the line below to generate csr and key   .  This does no use a password which you probably should use with IW app since key, cert etc… are in the program directory. 

openssl req -new -newkey rsa:2048 -nodes -out app_domain_com.csr -keyout app_domain_com.key -subj "/C=US/ST=California/L=Fresno/O=Yournameor business Solutions/OU=domain.com/CN=app.domain.com"

 

you can check he csr using following command

 

openssl req -noout -text -in domain_com.csr

 

 domain_com  and domain.com are your domain I just use _ in filenames but its personal choice.

app.domain.com would be the hostname you will setup in DNS to point to your servers IP address.  

 

In getting the certificate issued just make sure you control the domain or subdomain  where you can either receive an email at admin@domain.com or can make a dns entry to prove you control/manage the domain.

 

 

 

  1. With csr in hand goto namecheap.com and purchase a positive SSL cert  ($9 for one year)

 

  1. You will need to validate the certificate by what ever method issuer provides. My recommendation is to make sure there is an admin@yourdomain.com to make the process easier.

 

  1. Copy your generated key file to key.pem

 

  1. Copy the cert received to cert.pem and the root chain bundle to root.pem

 

  1. Copy the pem files to the program folder along with the open ssl binary files libeay32.dll and ssleay32.dll

 

 

Posted by at No comments:

Sunday, September 13, 2015

Using AWS for the first time.

Posted by at 1 comment:

Tuesday, May 08, 2012

Zen Load Balancer - SSL

Just want to share what I did to add an HTTPS farm to my Zen LB install.


Zen Load Balancer is an excellent Debian Linux based load balancer installer. 




 If you have a decent spare PC, give a try.  I plan on deploying it to a pair small form xeon rackmounts in front of my web application server farm.


In testing, I discovered I had used incorrect certificate (the build in one), once I applied correct cert and tried again, all was well.

I hope someone finds this useful.

- Lou


Login on to Zen LB at console or using Putty ssh client


I create a folder to hold my keys and csr's.  I will later remove them and store else where since key will be created without a password.

Generates key in PEM format  using openssl command. Done this way so password not required

openssl genrsa -out host_domain_com.key 2048

Generate certificate request file.

openssl -new -key host_domain_com.key -out host_domain_com.csr


I purchased cert from namecheap.com  
Positive SSL already good to go certs are in PEM format
Rapid SSL  Need to convert to PEM  (each file, cert, intermediate and root)


After you get your certificate and intermediate certificate, be sure to get  issuers root certificate.

All certs need to be in PEM format  (Issued Cert, Intermediate cert and root cert)
To convert cert to PEM Format use openssl command.  RapidSSL certs were already in PEM format (contrary to what I read in FAQ)

openssl x509 -in certFileName.cer -outform PEM -out convertedCertFileName.pem


When done you will have your private key,  the certificate issued to you, an intermediate certificate and root cert.


Open Notepad and paste contents of each file one after the other in the following order

Private Key
Cert
Intermediate
Root

Example :

-----BEGIN RSA PRIVATE KEY-----
uiMTxBQnK9ApC5eq1mrBooECgYB4925pDrTWTbjU8bhb/7BXsjBiesBBVO43pDYL
1AOO5EEikir239UoFm6DQkkO7z4Nd+6Ier9fncpN1p1EZtqPxT64nsUTNow/z1Pp
nUVxhqt4DT+4Vp5S7D9FQ+HagbhVInQXKXtT7FNFhpIxpRy512ElSuWvrELiZOwe
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
wYDVR0fBDwwOjA4oDagNIYyaHR0cDovL3JhcGlkc3NsLWNybC5n
ZW90cnVzdC5jb20vY3Jscy9yYXBpZHNzbC5jcmwwHQYDVR0OBBYEFA8nu+rbiNqg
DYmhNE0IgXx6XRHiMAwGA1UdEwEB/wQCMAAwSQYIKwYBBQUHAQEEPTA7MDkGCCsG
gOYD8kmKOsxLRWeZo6Tn8
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
EgYDVR0TAQH/BAgwBgEB/wIBADA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3Js
Lmdlb3RydXN0LmNvbS9jcmxzL2d0Z2xvYmFsLmNybDA0BggrBgEFBQcBAQQoMCYw
JAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmdlb3RydXN0LmNvbTANBgkqhkiG9w0B
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIDIDCCAomgAwIBAgIENd70zzANBgkqhkiG9w0BAQUFADBOMQswCQYDVQQGEwJV
UzEQMA4GA1UEChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2Vy
dGlmaWNhdGUgQXV0aG9yaXR5MB4XDTk4MDgyMjE2NDE1MVoXDTE4MDgyMjE2NDE1
jOKer89961zgK5F7WF0bnj4JXMJTENAKaSbn+2kmOeUJXRmm/kEd5jhW6Y
7qj/WsjTVbJmcVfewCHrPSqnI0kBBIZCe/zuf6IWUrVnZ9NA2zsmWLIodz2uFHdh
1voqZiegDfqnc1zqcPGUIWVEX/r87yloqaKHee9570+sB3c4
-----END CERTIFICATE-----
Posted by at 2 comments:

Sunday, January 17, 2010

Intraweb ISAPI DLL on Server 2008

In my case I have Windows 2008 Server setup as a webserver choosing the defaults on installation.

I tested first with Application and then with Stand alone service before attempting DLL

When my app loads, in servercontroller create event, I goto registry and get location of .ini file which is c:\DMXTRANSPORT Be sure to open registry as read only to avoid error.

The .ini file contains various settings I use for the app whether stand alone, service. I do this as a result of reading about it in a post in the Intraweb support newsgroups. It allows various app settings such as port number , file paths, database configuration, installation code/keys etc...

I created folder dmxportal on c:\

In that folder I have temp, files, and templates sub-folders Copy ISAPI DLL into that folder

I am logged in as Admin and did not adjust permissions, though you may need to add the iis user to that folder

Goto IIS Manager and Rt click on Default website and Virtual Directory – in my case its DMXPORTAL

Enable ISAPI DLL on IIS Server in ISAPI and CGI Restrictions

Be sure to check the box

Then enable the ISAPI-dll in Handler Mappings on the virtual folder by selecting it and in the IIS properties open Handler Mappings, select ISAPI-DLL (should be on top of screen) in disabled section. Rt click and select Edit Feature Permissions. Enable Execute with check mark

That’s it You should then be able to load your isapi dll

I had an issue and just restarted IIS and it worked.

http:///virtualfolder/isapi.dll

I also add my isapi DLL as the default document so I can just use http://server/folder to launch app.

There may be a bit more permission twiddling necessary to get your local files folder to work, but its probably just giving the IISUser rights to the folders.


Posted by at 2 comments:

Sunday, March 22, 2009

On vacation...sort of

I decided it was time to take a few weeks off work (yes in the middle of this great economic crisis) and go to the Dominican Republic and visit family and friends.

I have been a here a few days so far and I managed to connect with the Local Rotary Club of Bani, District 4060 http://www.rotary4060.org . I had originally planned on attending the club meeting next week. It turned out that a neighbor of my parents is member of the Club here in Bani. So, on Saturday evening, I joined several Rotarians from Bani, at another local Rotary Club in San Juan de Ocoa where the District Governer was visiting to make a special presentation honoring two women for their outstanding work in the community. The club also welcomed two two new members to the club that same evening.

Below are a few photos from the event. Including one with the District Governor Milqueya Portes, the first woman to be District Governor in the Dominican Republic (I need to confirm, but also the first woman to be a club president) as well as a photo of the District Governer with the two special award recipients.





I will be visiting some of the local Rotary Clubs projects later in the week and will be post more photos.
Posted by at No comments:

Thursday, January 05, 2006

Delphi 2006 CF .Net Development

I am looking for Delphi 2006 users who are interested in creating simple applications for Windows Mobile devices using Delphi 2006 .Net and the Compact Framework.

I have been following developments at http://jedqc.blogspot.com/ and have gotten started with the CFBuild: Delphi 2006 Version (beta).

My next step is to get past the basic Hello world app and create something that stores data to the PDA, followed by how I can synch that data with a PC based database via ODBC. I use DBISAM and Firebird for PC app development.

Anyone interested, just leave a comment here with any suggestions, links etc....
Posted by at 1 comment:

Saturday, July 02, 2005

A day in the life......

Well,

Here I am ... officially a blogger. Being a technofile I decided it was time to finally going the masses and publish my thoughts and experiences, though I hope to not cause a rucuss in the process.
Posted by at
Subscribe to: Posts (Atom)