Relativity and SSL/https on Ubuntu with Lazarus 1.4.4

Hi

I try to setup the Relativity Server with SSL/https support.
Did follow this Doc:
http://old.wiki.remobjects.com/wiki/Relativity_Server_Deployment_and_Setup#SSL_Support
Exept the Section >> Adjust IIS Settings:

Did also Read This Post ( and a few others )
http://talk.remobjects.com/t/securing-relativity-and-ssl-https-support/208

I have a normal SSL Certificate for the Domain.
If i try to reach the Http Info Page with a Browser https://mydomain.ch:8199/ i do not get any Info.
The Normal Http Info Page http://mydomain.ch:7099/ work fine.

Any Help on this?
Shalom
Manfred

Hello

Actually what you need to achieve is to get an SSL certificate and Mono HttpListener work together. This article seems like a good tutorial: http://joshua.perina.com/geo/post/using-ssl-https-with-mono-httplistener

The step you skipped did exactly that on Windows

Regards

Hi antonk

Did that and if i run httpcfg -list i see also the entry with Port 443.
But when i start https://mydomain.ch:8199/ it seeams not working.

I did create a Http Binding ( with Server Admin ) for Port 8199 and also with use SSL. I use the Server Channel type httpsys

Thanks for your patience :wink:
Manfred

Hello

Just in case - for which port exactly did you install the certificate?
http://manpages.ubuntu.com/manpages/natty/man1/httpcfg.1.html

By default it installs to 443 (default https connection port), yet you try to connect to 8199

Ok, that was a misunderstanding on my side.
Thaugt https = Port 443

Changed the setting to httpcfg -add -port 8199 -pvk www.mydomain.ch.pvk -cert www.mydomain.ch.crt

httpcfg -list
Port: 8199 Thumbprint: somedata

But the Infopage is still not here on https://mydomain.ch:8199/
This works fine: http://mydomain.ch:7099/

This is confirmed to work. I created a test cert as described here: http://www.mono-project.com/docs/web/using-clientcertificates-with-xsp/ and the result is

RS running on kubuntu, with https enabled

Thanks for your Test’s.
Did also go thru the Documentation and found this:

Warning: installing mod_mono may uninstall the PHP Apache module. Apparently they cannot co-exist.

https://help.ubuntu.com/community/ModMono
Since i use Apache and PHP this seams to be a problem…

We’ll provide more SSL options for Relativity Server soon, that won’t use the HttpSys facilities.

Thank’s for the great news.:blush:

Shalom
Manfred

Great info antonk! The enhanced SSL options they will be added also in RO SDK?

Sure.

The main purpose of the SSL/TLS-related changes introduced is to make the SSL/TLS stuff more accessible and easy to use in all SDK-based server applications. Since Relativity Server is still an advanced Data Abstract for .NET server application, it benefits from them too.
We don’t make any detailed overviews if these features/changes yet because the work is still in the progress and some API’s may be changed in the process.

1 Like

Thank you very much antonk! I look forward to new news :yum:

Is there any Relase-Date on this?

Hello

I cannot give you any ETA on this (I can only say that this will be done in the next weeks), still it will appear on Beta builds first.

Hi, i did notice that there is now no Beta from the Relativity Server…
Just taught that i ask again for the new Version.

Shalom
Manfred

Relativity is bundled into any Data Abstract beta. Still despite huge changes and improvements related to SSL stuff (especially on Mono) the Relativity itself doesn’t use this API yet.

Hi, How is the status on this Topic?

Shalom
Manfred

Hello

What exactly do you mean?

On the 15 Dez you did write:

We’ll provide more SSL options for Relativity Server soon, that won’t use the HttpSys facilities.

Sure.

Take a look at this article: https://docs.dataabstract.com/Relativity/TLS/

Unfortunately it seems that the article is missing 2 screenshots so here they are:


Regards