Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Current »

Connect Server Allgemein

How do I create a server certificate for using HTTPS?

The procedure depends heavily on the infrastructure used. In general, the procedure is as follows:

  1. Generate the private key for the server

  2. Create a certificate request for the server

  3. Submit the certificate request for signing by a trusted certification authority

  4. Create the .pfx file

An example of this process using OpenSSL:

First create a configuration file with the desired certificate contents and save it as "cert.cnf". The content could look like this:

[req]
prompt             = no
default_bits       = 2048
distinguished_name = req_distinguished_name
req_extensions     = req_ext

[req_distinguished_name]
countryName            = DE
stateOrProvinceName    = Bavaria
localityName           = Munich
organizationName       = Galileo Group AG
organizationalUnitName = IT
commonName             = Connect Server
emailAddress           = info@galileo-group.de

[req_ext]
subjectAltName = @alt_names

[alt_names]
DNS.1 = webserver1.galileo-group.de
DNS.2 = webserver2.galileo-group.de
DNS.3 = webserver3.galileo-group.de

Now generate a new private key and the certificate request with the following command:

openssl req -newkey rsa:2048 -nodes -keyout private.key -out certreq.csr -config cert.cnf

A new private key is generated and stored in the "private.key" file. In addition, the certificate request is generated and stored in the file "certreq.csr". You now have to send the contents of this file to the certification authority for signing. From there you will receive a file with the signed certificate, which we call "cert_base64.cer" in this example.

Now, generate an X509 certificate which contains all the information required by the server using this file and the private key. Use the following command for this:

openssl pkcs12 -export -in cert_base64.cer -inkey private.key -out cert.pfx

When executed, you will be asked to set the password for the private key. The "cert.pfx" file is then created. You can use this file and the corresponding password to configure the Connect Server for HTTPS. For more information, see the chapter Configuration.

Connect Server on Linux

Which Linux distributions are supported?

In principle, the Connect Server should run on all common Linux distributions. Our internal tests are currently carried out using the latest version of Suse (SLES), RedHat (CentOS), Ubuntu and Debian (only in combination with Docker).

Connect Server on Windows

Which Windows versions are supported?

The Connect Server can be operated on Windows client versions from Windows 7 onwards as well as on Windows Server from Windows Server 2016 onwards.

Are specific server roles required?

Only the operation under IIS on Windows Server requires the corresponding web server role. Otherwise, no special server roles are required.

Connect Server on other operating systems

Are other operating systems such as MacOS supported?

In general, the operation of the Connect Server should be possible on all operating systems for which .NET 5.0 is available. This also applies to MacOS. However, we are currently only testing on Windows and various Linux distributions.

Problems and solutions

A list of known problems and their solutions can be found at the following link:

Connect Server - Troubleshooting Guide

  • No labels