+- Atozed Forums (https://www.atozed.com/forums)
+-- Forum: Atozed Software Products (https://www.atozed.com/forums/forum-1.html)
+--- Forum: IntraWeb (https://www.atozed.com/forums/forum-3.html)
+---- Forum: English (https://www.atozed.com/forums/forum-16.html)
+----- Forum: IntraWeb General Discussion (https://www.atozed.com/forums/forum-4.html)
+----- Thread: New feature: IntraWeb handling Let's Encrypt certificates (/thread-1556.html)
New feature: IntraWeb handling Let's Encrypt certificates - Alexandre Machado - 02-27-2020
Hi guys!
Next IntraWeb version will handle the whole Let's Encrypt certificate generation process. Let's Encrypt (https://letsencrypt.org/), in their own words is "A nonprofit Certificate Authority providing TLS certificates to 180 million websites". Let's Encrypt certificates are 100% free.
We created a new ACME client, written in Delphi, which will be part of IntraWeb Ultimate and 100% integrated to the IntraWeb application. It will be able to fully handle Let's Encrypt HTTP-01 Challenge (https://letsencrypt.org/docs/challenge-types/), including: generation of key pairs and CSR (Certificate Signing Request), handling of the challenge itself (saving a challenge file in a specific folder and responding to Let's Encrypt request), downloading the Certificate from Let's Encrypt server and installing it (depending on your deployment type).
When done manually, the whole certificate process is *painful* and needs to be repeated every 3 months or less (LE certificates need to be renewed every 3 months). Also, if you are using other paid Certificate Authority, it can cost you up to a couple of hundreds *per year* for a simple certificate...
In short: all IW applications can benefit from SSL/HTTPS security with almost ZERO human intervention and very low maintenance! A really cool feature that will save you lots of work and also money!
First version will be ready for testing in a few days.
Stay tuned!
RE: New feature: IntraWeb handling Let's Encrypt certificates - kudzu - 02-27-2020
Awesome!
RE: New feature: IntraWeb handling Let's Encrypt certificates - ioan - 02-27-2020
Very cool, can't wait to use it.
RE: New feature: IntraWeb handling Let's Encrypt certificates - DanBarclay - 02-28-2020
(02-27-2020, 04:40 PM)kudzu Wrote: Awesome!Yes awesome! I knew that if I procrastinated long enough he'd make it even easier!
Dan
RE: New feature: IntraWeb handling Let's Encrypt certificates - Alexandre Machado - 02-28-2020
Quote:Yes awesome! I knew that if I procrastinated long enough he'd make it even easier!
Dan
I wish I could procrastinate too LOL
Everything related to certificates is *painful* to do, especially programming against those APIs (OpenSSL, WinCrypt, etc)
RE: New feature: IntraWeb handling Let's Encrypt certificates - ozelaya - 03-31-2022
(02-27-2020, 09:37 AM)Alexandre Machado Wrote: Hi guys!
Next IntraWeb version will handle the whole Let's Encrypt certificate generation process. Let's Encrypt (https://letsencrypt.org/), in their own words is "A nonprofit Certificate Authority providing TLS certificates to 180 million websites". Let's Encrypt certificates are 100% free.
We created a new ACME client, written in Delphi, which will be part of IntraWeb Ultimate and 100% integrated to the IntraWeb application. It will be able to fully handle Let's Encrypt HTTP-01 Challenge (https://letsencrypt.org/docs/challenge-types/), including: generation of key pairs and CSR (Certificate Signing Request), handling of the challenge itself (saving a challenge file in a specific folder and responding to Let's Encrypt request), downloading the Certificate from Let's Encrypt server and installing it (depending on your deployment type).
When done manually, the whole certificate process is *painful* and needs to be repeated every 3 months or less (LE certificates need to be renewed every 3 months). Also, if you are using other paid Certificate Authority, it can cost you up to a couple of hundreds *per year* for a simple certificate...
In short: all IW applications can benefit from SSL/HTTPS security with almost ZERO human intervention and very low maintenance! A really cool feature that will save you lots of work and also money!
First version will be ready for testing in a few days.
Stay tuned!
Hi,
Is there a demo or sample code about this feature?
Thanks in advance,
Omar Zelaya
RE: New feature: IntraWeb handling Let's Encrypt certificates - MJS@mjs.us - 03-31-2022
Will this handle multiple alternative names and wildcard certs? For example: say one HTTPSYS IW app is bound to abc.com, www.abc.com, 123.com, and www.123.com. To issue/renew wildcards through another ACME client I have to submit abc.com, *.abc.com, 123.com, and *.123.com then add / delete DNS TXT records for each to validate (a pain).
RE: New feature: IntraWeb handling Let's Encrypt certificates - raulevm - 03-31-2022
Thank you Alexandre
RE: New feature: IntraWeb handling Let's Encrypt certificates - iwuser - 04-29-2022
(02-28-2020, 10:23 AM)Alexandre Machado Wrote:Quote:Yes awesome! I knew that if I procrastinated long enough he'd make it even easier!
Dan
I wish I could procrastinate too LOL
Everything related to certificates is *painful* to do, especially programming against those APIs (OpenSSL, WinCrypt, etc)
Would this require the server to be exposed to the Internet + have a valid Domain? I think it will. And so it would very probably not work for intranet websites that do not have a valid public domain name and cannot be connected to from outside, right?
Have you released it in .52 or .53? Is there an sample project for this?