I seem to be unable to get my web app running with ssl.
I have created the app and placed in to a dir with the right permissions with the ssl certificate named the same as my app but with .crt as an extension.
I can double click the .crt file and it open with all the expected information.
When I start the app using a command line specifying the myapp.exe –secureport = 8801 it launches with no problems.
In the ide (2022r3.2) I have set the port to (for example) 8800 and the ssl port to 8801.
I have checked with a scanner and both for the http and the https ports are open.
I can go to my external ip via a device outside my network and access the app using port 8800 with no issues.
If I got to myip:8800 app is accessible.
If I go to myip:8801 browser times out
Unsure where to go for this and hoping someone can come up with some ideas to point me in the right direction.
Hi Wayne, are there any other reasons/advantages to setting up the IIS and reverse proxy, instead of just letting users access the web app directly, in an intranet environment. Thanks Mark
at build settings you could add a build step to copy the .crt beside the exe always.
at windows you would use sc command to start/stop/register your exe as service.
at services you can choose for which user account this service runs.
you have to stop the service to replace the exe!
at build settings you could add a build step to copy the .crt beside the exe always.
== yep done
at windows you would use sc command to start/stop/register your exe as service.
== I have been using a command line to launch
C:\pathtomy\myexe.exe --secureport =8201
at services you can choose for which user account this service runs.
you have to stop the service to replace the exe!
at windows if you start a exe with network access first should pop up a firewall message window where
you can allow the network access.
if you suppress this warning messages, you can enable it or add the port/exe manually to firewall rules.
have you looked with netstat -a that the port is in listening state?
Is your certificate issued to 127.0.0.1? A public CA may not issue valid certs to localhost. (source1source2)
I would wager the certificate you’ve downloaded from your provider is not for 127.0.0.1. In such a scenario your browser wouldn’t connect to the server because of the certificate mismatch.
thanks for the info, the more I learn the more it looks to be a certificate issue. I will continue to work at it but at least I know which way to face now.
I have 2 linux vps running on Oracle Cloud (free) and Contabo (very good price-performance ratio), which are dedicated to Xojo webservices only.
I use lifeboat to install and update the webapps and to issue free Letsencrypt certificates. Just a few clicks.
Caveat: do not install lifeboat when you already manage your vps with Plesk or HestiaCP or the like, it will break it. We can install Webmin though (but not Virtualmin).
which states … “You cannot set the Secure Port in the Shared Build Settings, so you’ll need to use some command-line parameters to get it to work”
so while i set the ssl port option under the shared settings of the ide i was ignoring it and using the command line to set it as per the document.
However, I have now found out that if I add the command line it closes the ssl port, by removing the command line and setting the ide option the port opens correctly.
if i use my_external_ip: my_http_Port app runs fine
if I use my_external_ip: my_httpS_Port the page immediately comes up with “The connection was reset.” when just using the ide to set the ssl port
if I use my_external_ip: my_httpS_Port the page comes up with “took too long to respond.” when using the command line.
MarcusR – hope that answers your question
Oliver_Osswald – thanks for the sugestion but no using linux
brian_franco --thanks , I’ve also been exploring the use of iis but did not want to it this post to avoid any crossing threads.
Thanks all , I’m trying all suggestions as i’m able
Just to say thanks to you all for the help , all is now resolved as follows
Moved to using Digital Ocean to host but more importantly used Tim Parnell’s Lifeboat which was suggested by Oliver Oswald, in my initial response I though i’d need to know some linux but since trying (and purchasing) Lifeboat and with pointers from Tim have it all working fully and using ssl with no issues