Posts: 67
Threads: 13
Joined: Mar 2018
Reputation:
3
I'm trying to see if I can configure "Let's Encrypt" to work with Intraweb. I'm pretty sure the certificates work fine, but I have problems with the auto renewal that has to run by itself in a scheduled task. I'm using win-acme: https://github.com/PKISharp/win-acme
When trying to obtain a certificate, you run the following command:
Code: letsencrypt.exe --plugin manual --emailaddress my@email.com --manualhost www.somewebsite.com --webroot D:\myapp\wwwroot --test
After running the command, letsencrypt.exe creates a directory in d:\myapp\wwwroot, something like /.well-known/acme-challenge/ with a temporary file inside (aaabbbccc) that "let's encrypt" needs access to, for verification.
The problem I'm having is that after I run the letsencrypt.exe command, if I try to open
Code: http://www.somewebsite.com/.well-known/acme-challenge/aaabbbccc
it won't work, intraweb doesn't let me have (or at least I don't know how to make it work) a path like that to access a static file.
What's the best way to do this?
Thanks.
Posts: 288
Threads: 0
Joined: Mar 2018
Reputation:
29
Location: Franca-São Paulo-Brasil
Hi Ioan, try to put inside wwwroot:
Code: D:\myapp\wwwroot\.well-known\acme-challenge\aaabbbccc
Posts: 67
Threads: 13
Joined: Mar 2018
Reputation:
3
(06-18-2018, 08:46 PM)JNPSoftware Wrote: Hi Ioan, try to put inside wwwroot:
Code: D:\myapp\wwwroot\.well-known\acme-challenge\aaabbbccc
It seems that if I have a file there with a registered mime type (example .txt) it works fine; if there is no extension (the way letsencrypt.exe makes it), it doesn't work. Can I serve a static file that has no extension?
Posts: 288
Threads: 0
Joined: Mar 2018
Reputation:
29
Location: Franca-São Paulo-Brasil
In my case I use ISAPI and server directly.
Posts: 67
Threads: 13
Joined: Mar 2018
Reputation:
3
06-18-2018, 09:58 PM
(This post was last modified: 06-18-2018, 11:32 PM by ioan.)
I found a solution and so far works fine:
Code:
procedure TIWServerController.IWServerControllerBaseNewSession(aSession: TIWApplication);
var
  challengeResponse, challengeFileName: string;
begin
  [...]
  else if ContainsText(WebApplication.Request.PathInfo, '.well-known/acme-challenge') then
  begin
    // for let's encrypt
    challengeFileName := WebApplication.ApplicationPath + 'wwwroot' + WebApplication.Request.PathInfo.Replace('/', '\');
    if TFile.Exists(challengeFileName) then
      challengeResponse := TFile.ReadAllText(challengeFileName)
    else
      challengeResponse := '';
    WebApplication.Response.WriteString(challengeResponse);
    WebApplication.Terminate;
  end;
end;
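A stricter way to map the request path to the challenge file, shown as an added example that is not part of the original post or of IntraWeb: it accepts only /.well-known/acme-challenge/<token> with a base64url token (the alphabet RFC 8555 allows), instead of matching the marker anywhere in PathInfo and concatenating the whole path. TryResolveChallengeFile is a hypothetical helper name and the inputs in the main block are constructed samples.

```pascal
program AcmeChallengePath;
{$APPTYPE CONSOLE}
uses
  System.SysUtils, System.StrUtils, System.IOUtils;

const
  AcmePrefix = '/.well-known/acme-challenge/';

// Hypothetical helper (not IntraWeb API): maps PathInfo to a file under WwwRoot.
// Returns False unless PathInfo is exactly AcmePrefix + <token>.
function TryResolveChallengeFile(const WwwRoot, PathInfo: string;
  out FileName: string): Boolean;
var
  Token: string;
  C: Char;
begin
  FileName := '';
  Result := False;
  // The prefix must start the path; a marker in the middle is not accepted.
  if not StartsStr(AcmePrefix, PathInfo) then
    Exit;
  Token := Copy(PathInfo, Length(AcmePrefix) + 1, MaxInt);
  if Token = '' then
    Exit;
  // Tokens use only the base64url alphabet, so '.', '/', '\' and ':'
  // (and with them any directory change) are rejected here.
  for C in Token do
    if not CharInSet(C, ['A'..'Z', 'a'..'z', '0'..'9', '-', '_']) then
      Exit;
  FileName := TPath.Combine(
    TPath.Combine(WwwRoot, '.well-known\acme-challenge'), Token);
  Result := True;
end;

var
  F: string;
begin
  // Constructed sample inputs; D:\myapp\wwwroot is the web root used in the thread.
  Writeln(TryResolveChallengeFile('D:\myapp\wwwroot',
    '/.well-known/acme-challenge/aaabbbccc', F), ' ', F);
  Writeln(TryResolveChallengeFile('D:\myapp\wwwroot',
    '/.well-known/acme-challenge/../aaabbbccc', F));
  Writeln(TryResolveChallengeFile('D:\myapp\wwwroot',
    '/x/.well-known/acme-challenge/aaabbbccc', F));
end.
```

Inside the session handler, the file would be read and written to the response only when the helper returns True.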
Posts: 2,261
Threads: 196
Joined: Mar 2018
Reputation:
86
Location: Auckland, New Zealand
(06-18-2018, 09:58 PM)ioan Wrote: I found a solution and so far works fine:
Code:
procedure TIWServerController.IWServerControllerBaseNewSession(aSession: TIWApplication);
var
  challengeResponse, challengeFileName: string;
begin
  [...]
  else if ContainsText(WebApplication.Request.PathInfo, '.well-known/acme-challenge') then
  begin
    // for let's encrypt
    challengeFileName := WebApplication.ApplicationPath + 'wwwroot' + WebApplication.Request.PathInfo.Replace('/', '\');
    if TFile.Exists(challengeFileName) then
      challengeResponse := TFile.ReadAllText(challengeFileName)
    else
      challengeResponse := '';
    WebApplication.Response.WriteString(challengeResponse);
    WebApplication.Terminate;
  end;
end;
Hi Ioan,
We had the same issue recently in one of our applications and I'm seriously thinking about adding built-in support for this kind of stuff in IW 15 code base. It will make life much easier :-)
Thanks for sharing your solution
Posts: 1,136
Threads: 37
Joined: Mar 2018
Reputation:
30
Location: Limassol, Cyprus
A built in tool would be great!
Posts: 67
Threads: 13
Joined: Mar 2018
Reputation:
3
(06-18-2018, 09:58 PM)ioan Wrote: I found a solution and so far works fine:
Code:
procedure TIWServerController.IWServerControllerBaseNewSession(aSession: TIWApplication);
var
  challengeResponse, challengeFileName: string;
begin
  [...]
  else if ContainsText(WebApplication.Request.PathInfo, '.well-known/acme-challenge') then
  begin
    // for let's encrypt
    challengeFileName := WebApplication.ApplicationPath + 'wwwroot' + WebApplication.Request.PathInfo.Replace('/', '\');
    if TFile.Exists(challengeFileName) then
      challengeResponse := TFile.ReadAllText(challengeFileName)
    else
      challengeResponse := '';
    WebApplication.Response.WriteString(challengeResponse);
    WebApplication.Terminate;
  end;
end;
It seems that the above solution doesn't work with the latest intraweb version. If I try to request http://localhost/.well-known/acme-challenge/aa, the application never gets in IWServerControllerBaseNewSession and returns a "404 not found" error page.
Posts: 55
Threads: 19
Joined: Apr 2018
Reputation:
0
(06-20-2018, 01:46 AM)Alexandre Machado Wrote: (06-18-2018, 09:58 PM)ioan Wrote: I found a solution and so far works fine:
Code:
procedure TIWServerController.IWServerControllerBaseNewSession(aSession: TIWApplication);
var
  challengeResponse, challengeFileName: string;
begin
  [...]
  else if ContainsText(WebApplication.Request.PathInfo, '.well-known/acme-challenge') then
  begin
    // for let's encrypt
    challengeFileName := WebApplication.ApplicationPath + 'wwwroot' + WebApplication.Request.PathInfo.Replace('/', '\');
    if TFile.Exists(challengeFileName) then
      challengeResponse := TFile.ReadAllText(challengeFileName)
    else
      challengeResponse := '';
    WebApplication.Response.WriteString(challengeResponse);
    WebApplication.Terminate;
  end;
end;
Hi Ioan,
We had the same issue recently in one of our applications and I'm seriously thinking about adding built-in support for this kind of stuff in IW 15 code base. It will make life much easier :-)
Thanks for sharing your solution
Alex,
Does iw15.2.10 solve the issue of allowing the let's encrypt renewal process to work and find the renewal file under "well-known/acme-challenge/asadfff"?
Posts: 55
Threads: 19
Joined: Apr 2018
Reputation:
0
(08-01-2020, 03:55 AM)joel Wrote: (06-20-2018, 01:46 AM)Alexandre Machado Wrote: (06-18-2018, 09:58 PM)ioan Wrote: I found a solution and so far works fine:
Code:
procedure TIWServerController.IWServerControllerBaseNewSession(aSession: TIWApplication);
var
  challengeResponse, challengeFileName: string;
begin
  [...]
  else if ContainsText(WebApplication.Request.PathInfo, '.well-known/acme-challenge') then
  begin
    // for let's encrypt
    challengeFileName := WebApplication.ApplicationPath + 'wwwroot' + WebApplication.Request.PathInfo.Replace('/', '\');
    if TFile.Exists(challengeFileName) then
      challengeResponse := TFile.ReadAllText(challengeFileName)
    else
      challengeResponse := '';
    WebApplication.Response.WriteString(challengeResponse);
    WebApplication.Terminate;
  end;
end;
Hi Ioan,
We had the same issue recently in one of our applications and I'm seriously thinking about adding built-in support for this kind of stuff in IW 15 code base. It will make life much easier :-)
Thanks for sharing your solution
Alex,
Does iw15.2.10 solve the issue of allowing the let's encrypt renewal process to work and find the renewal file under "well-known/acme-challenge/asadfff"?
I think I found the answer: https://www.atozed.com/forums/printthread.php?tid=1383