Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
How to install SSL in intraweb
#1
Hello i search through internet all day and night and no good about how to install ssl
May i get some step by step guide from you guys. Thank you for your time
Reply
#2
You will need the ultimate version.
There is a StandaloneSSL in the demos https://github.com/Atozed/IntraWeb/tree/...ndAloneSSL
I have not done this myself, but maybe this link will get you started.
Reply
#3
(05-14-2018, 08:33 AM)morhous Wrote: Hello i search through internet all day and night and no good about how to install ssl
May i get some step by step guide from you guys. Thank you for your time

That information is in several places on the EMB forum.  Below is from my notes, copied from that forum.  Most of the input below is by Daniel Fields.  It may be old.  My notes were intended to provide context, but the real info was in the posts.  Since I can't get to the forum I don't have info on the dates.   Daniel and others can provide more detail/answers when they are available but maybe this will get you started.

==== copied from other posts  ====
Basic SSL configuration for IW
From: https://forums.embarcadero.com/thread.jspa?messageID=873918#873918
 
Daniel:
 
You might want to purchase a UCC certificate, which would allow you to secure up to 99 additional Subject Alternative Names (SANs) in a single certificate. With that you could cover the IP and the sub-domain in question.
 
Once you get the certificate installed it is very easy to implement in your application. You just go to the ServerController.SSLOptions. You set CertificatePassword, Port and SSLVersion properties. You then have to set your application's first form's ConnectionType to cmSecure. I usually do that with my splash screen (page). All pages that the user navigates to will remain secured unless you specifically turn off the security in code.

I have all of my applications hosted at Rackspace and my domains and SSL certificates are through Go Daddy.

 
Daniel:
 
I'm sure you know there is more detail involved in the certificate request. Here are the steps that have worked best for me.
I. Generate a CSR. The link below is really detailed on each step of this process.
http://www.techrepublic.com/blog/how-do-i/how-do-i-request-and-install-ssl-certificates-in-iis-70/

II. Export a PFX file from your IIS server.

1. Run mmc.exe
2. Click the 'Console' menu and then click 'Add / Remove Snap-in'.
3. Click the 'Add' button and then choose the 'certificates' snap-in and click on 'Add'.
4. Select 'Computer Account' then click 'Next'.
5. Select 'Local Computer' and then click 'OK'.
6. Click 'Close' and then click 'OK'.
7. Expand the menu for 'Certificates' and click on the 'Personal' folder.
8. Right click on the certificate that you want to export and select 'All tasks' -> 'Export'.

A wizard will appear. Make sure you check the box to include the private key and continue through with this wizard until you have a .PFX file. From here you get cert.pem and key.pem files. I have to go back through my notes for the details on this step. I have not had to do this in a while. I'll update this step later.

III. Create root.pem

1. Open MMC and add the certificates snap-in.
2. Expand Console Root to
a. Intermediate Certificate Authorities
i. Certificates
3. Select "Go Daddy Secure Authority - G2".
a. Do not select the Go Daddy Root certificate!
4. Right-click and select Export
a. Select the Base 64 format
b. Save to root.crt

Rename root.crt to root.pem

IV. Install into your application

1. Copy root.pem, cert.pem and key.pem into the project folder for your application.
2. Go to ServerController and set the SSLOptions: CertificatePassword, Port and SSLVersion.
3. Set your application's main form ConnectionMode to cmSecure.

If you have IIS running on this server, you cannot use port 443 for your application because IIS is using it. You can use any other available port, like 8443.

Also see:
 https://forums.embarcadero.com/thread.jspa?messageID=884440#884440
 
Daniel:
I set the SSLOptions.Password, the Port, and SSLVersion=SSLv23. I leave the other settings blank or at their default. I set my main form's ConnectionMode to cmSecure. I have used the following settings for many years, without any issues or complications.
 
 
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)