Frequently asked questions (Connect 2023)

Connect Server General

HTTPS, SSL, TLS: I want a secure connection between Connect Server and client (browser). What do I have to do?

Connect supports SSL and TLS. HTTPS must be activated so that data can be transmitted securely between Connect Server and client. A certificate is required for this. The certificate can be requested from third-party providers, or you can create it yourself. When the certificate is ready, it can be configured as described here.

How do I create a server certificate to use HTTPS?

The procedure for this depends heavily on the infrastructure used. In general, the procedure is as follows:

  1. Generate the private key for the server

  2. Creation of a certificate request for the server

  3. Signing of the certificate request by a trusted certification authority

  4. Creation of the .pfx file

An example of this flow using OpenSSL:

First create a configuration file with the desired certificate contents and save it under the name "cert.cnf". The content could look like this:

[req] prompt = no default_bits = 2048 distinguished_name = req_distinguished_name req_extensions = req_ext [req_distinguished_name] countryName = DE stateOrProvinceName = Bavaria localityName = Munich organizationName = Galileo Group AG organizationalUnitName = IT commonName = Connect Server emailAddress = info@galileo-group.de [req_ext] subjectAltName = @alt_names [alt_names] DNS.1 = webserver1.galileo-group.de DNS.2 = webserver2.galileo-group.de DNS.3 = webserver3.galileo-group.de

Now generate a new private key and the certificate request with the following command:

openssl req -newkey rsa:2048 -nodes -keyout private.key -out certreq.csr -config cert.cnf

A new private key is generated and stored in the "private.key" file. In addition, the certificate request is generated and stored in the "certreq.csr" file. You must now send the contents of this file to the certification authority for signing. From there you will get back a file with the signed certificate, which we call "cert_base64.cer" in this example.

Now you need to generate an X509 certificate from this file as well as the private key, which contains all the information required by the server. Use the following command for this:

openssl pkcs12 -export -in cert_base64.cer -inkey private.key -out cert.pfx

During execution, you will be asked to set the password for the private key. The cert.pfx file is then created. You can use this file and its password to configure the Connect Server for HTTPS. For more information, see the chapter Configuration (Connect 2022).

Connect Server on Linux

Which Linux distributions are supported?

The Connect Server should work on all common Linux distributions. Our internal tests are currently carried out under the latest version of Suse (SLES), RedHat (CentOS), Ubuntu and Debian (only in combination with Docker).

Connect Server on Windows

Which Windows versions are supported?

The Connect Server can run on Windows client versions from Windows 7 onwards as well as on Windows servers from Windows Server 2016 onwards.

Are specific server roles required?

Only the operation under IIS on Windows Server requires the corresponding web server role. Otherwise, no special server roles are required.

Connect Server on other operating systems

Are other operating systems such as MacOS supported?

In general, the operation of the Connect Server should be possible on all operating systems for which .NET 6 is available. This also applies to macOS. However, we are currently only testing on Windows and various Linux distributions.

Use of MS SQL database

Which collation should be used?

In our Galileo-internal systems we use "Latin1_General_CI_AS".

In general, however, all collations should work, as the communication with the database runs exclusively via Unicode and the sorting is always done by the C# coding of Connect.

However, if you can decide, use: "Latin1_General_CI_AS".

Problems and solutions

A list of known problems and their solutions can be found at the following link:

Connect - Troubleshooting Guide