How to manage certificate for https on application distrib - WeOnlyDo Discussion board

How to manage certificate for https on application distrib (wodWebServer / wodWebServer.NET)

by Leonardo70, Wednesday, February 19, 2020, 16:01 (45 days ago)

Hello ,

we have an application that use WebServer.Net . We have create a webserver HTTP dedicate to some task for the user and all work fine. User have setting to define port and if activate or not the web server inside.

Now we want to transform the HTTP server to HTTPS and we have the code and see the example.
Our questions is relative to SSL certificate:

1) how to manage the certificate after the application wil be installed in the final user machine ?
2) we can create a common certificate to put in installation ? (How to create it ?)
3) or we need to create at firs running in user PC in some way ? (How to create on the fly and save it ?)

Thank you so much for your support

All the best
Leonardo

How to manage certificate for https on application distrib

by Jasmine, Wednesday, February 19, 2020, 19:48 (45 days ago) @ Leonardo70

Hi Leonardo,

I'm not sure you can have generic certificate since this beats the purpose of the certificate itself. When installed, how will users access your web server? Through common hostname (such as localhost) or some other way? Will each name be specific to client's installation?

Basically, you shouldn't distribute private key with the installation since it's private - and if it's publicly visible then whole idea of using HTTPS for security loses that purpose.

I would be able to give more ideas if you explain whole idea of using HTTPS for your server, who and how will access it?

Regards,
Jasmine.

How to manage certificate for https on application distrib

by Leonardo70, Thursday, February 20, 2020, 19:57 (44 days ago) @ Jasmine

Hi Leonardo,

I'm not sure you can have generic certificate since this beats the purpose of the certificate itself. When installed, how will users access your web server? Through common hostname (such as localhost) or some other way? Will each name be specific to client's installation?

Basically, you shouldn't distribute private key with the installation since it's private - and if it's publicly visible then whole idea of using HTTPS for security loses that purpose.

I would be able to give more ideas if you explain whole idea of using HTTPS for your server, who and how will access it?

Regards,
Jasmine.

Thanks Jasmine ,

our users could access local with localhost, from private network using IP address, or from internet if they have a public IP. User will be themself server admin and client user of the server, application running telescope facilities and they need to use the web dashboard from local or remote. Max 1/2 user at times.

All the best
Leonardo

How to manage certificate for https on application distrib

by Jasmine, Friday, February 21, 2020, 01:52 (44 days ago) @ Leonardo70

Leonardo,

hi. In that case I don't think there's way to make SSL enabled with generic certificate. Each installation should obtain their own certificate, based on their own common name they use to access the webserver. You can't get certificate for 'localhost', you could for public name if it belongs to you. If they are using dialup public IP addresses and their corresponding names, which actually belong to ISP, you will not be able to obtain their official certificates as well.

However, you could create your own set of certificates which customers would need to install on their system, manually during the installation. Perhaps that would be option for you? Note, in that case you would compromise the security in case your certificates leak in way to be used by 3rd parties.

Regards,
Jasmine.