B4J Question [Solved] [ABMaterial] - using https (secure)

Harris

Expert
Licensed User
Longtime User
myApp.StartServerHTTP2(srvr, "srvr", port, 443,"keystore","b12xxxxx","b12xxxxx" ) ' port = 51046
Is this correct?


I purchased SSL cert from SSLs.com (namecheap)...

I had my VPS provider setup the certs on my VPS.
I created a keystore (named keystore) according to this command - and answering questions...

keytool -keystore keystore -alias jetty -genkey -keyalg RSA

Updated server with new jar and rebooted. The jar did start on the server, however
now I can't run the app in my browser.
 

OliverA

Expert
Licensed User
Longtime User
Root, Intermediate(s) and the End Entity (from the above link): All these (if they apply) you should be able to download from Sectigo
 
Upvote 0

Harris

Expert
Licensed User
Longtime User
upload_2019-4-13_15-10-30.png

That is what I got from SSLs.com - my cert files...
 
Upvote 0

OliverA

Expert
Licensed User
Longtime User
open the bundle with a text editor and see if you see several begin/end certificates
 
Upvote 0

OliverA

Expert
Licensed User
Longtime User
Try this:
B4X:
keytool -import -trustcacerts -alias mykey -file 223892800.crt -keystore domain.keystore
Update: change domain.keystore to your keystore name!!!!!
 
Upvote 0

OliverA

Expert
Licensed User
Longtime User
I hope someone else can step in now (I'm going to be offline for awhile). Looks like you have a valid .crt file and the associated "chain" via the PEM files (the .ca-bundle) file. That should be enough info for someone with keystore chops (not me btw) to help you out (if post #45 did not do the trick).
 
Upvote 0

Harris

Expert
Licensed User
Longtime User
This site can’t provide a secure connection
comcrimewatch.com uses an unsupported protocol.

ERR_SSL_VERSION_OR_CIPHER_MISMATCH

keytool -import -trustcacerts -alias mykey -file 223892800.crt -keystore domain.keystore

changed to ccw.keystore
 
Upvote 0

Harris

Expert
Licensed User
Longtime User
I hope someone else can step in now (I'm going to be offline for awhile). Looks like you have a valid .crt file and the associated "chain" via the PEM files (the .ca-bundle) file. That should be enough info for someone with keystore chops (not me btw) to help you out (if post #45 did not do the trick).
Thanks for your effort. This is a real challenge - yet somehow I think it does not need be...

If nothing else, this thread will be on Erels top ten Sunday report...
 
Upvote 0

OliverA

Expert
Licensed User
Longtime User
quick: ssl check shows:
No SSL certificates were found on comcrimewatch.com. Make sure that the name resolves to the correct server and that the SSL port (default is 443) is open on your server's firewall.

Make sure the keystore is in the right place
 
Upvote 0

Harris

Expert
Licensed User
Longtime User
quick: ssl check shows:

Make sure the keystore is in the right place
It is in the File.DirApp - right by my jar...

What would be "the right place"?
 
Last edited:
Upvote 0

OliverA

Expert
Licensed User
Longtime User
Upvote 0

Harris

Expert
Licensed User
Longtime User
root@hwsrv-206966:/var/www# ufw status verbose
Status: inactive

UFW - the firewall is inactive on my server.
Should It be active?
 
Upvote 0

Harris

Expert
Licensed User
Longtime User
Other than @prajinpraveen , has ANYONE else had success setting up your ABM VPS to use ssl?
I would attach a picture of the patch of my hair I ripped out - but I am already bald (from MS development products frustration).
Want to help me out? Get me a gun so I can end this misery... My PC or me - something has got to go...
 
Upvote 0

XbNnX_507

Active Member
Licensed User
Longtime User
Other than @prajinpraveen , has ANYONE else had success setting up your ABM VPS to use ssl?
I would attach a picture of the patch of my hair I ripped out - but I am already bald (from MS development products frustration).
Want to help me out? Get me a gun so I can end this misery... My PC or me - something has got to go...
I just did.... With Let's Encrypt certificate...
You need to use https://keystore-explorer.org/
 

Attachments

  • 1.jpg
    1.jpg
    57.1 KB · Views: 313
Upvote 0

Harris

Expert
Licensed User
Longtime User
Ok, I will try - as I have looked at it. What do I have to loose (seems nothing at this point)?
Do you have a Linux or Windows server?
The attached image does not say much - what is it trying to state?

I have Ubuntu 18.04 LTS (updated to all new patches).
@prajinpraveen has a WIndows server - where it seemed to work. Seems Linux is ( a wee bit ) different to make it work...
 
Upvote 0

XbNnX_507

Active Member
Licensed User
Longtime User
Do you have a Linux or Windows server?
i have a linux server Ubuntu VPS.
The attached image does not say much - what is it trying to state?
You asked who else had experience setting up ssl...
Seems Linux is ( a wee bit ) different to make it work...
Is the same...

Are you using java 8 or 9?
Be aware you need to modify ABMApplication if you use java 8 ( as i do )..
 
Last edited:
Upvote 0

Harris

Expert
Licensed User
Longtime User
Why oh why do I have such an issue? Seems simple enough - yet I flounder.
I will try your suggestion.

Did you get the Windows version or The ubuntu of the explorer app?
If you installed it on your linux server - how did you run it?

Sorry to pest, but you can see where I am at...

When I get this cased, I will write a simple tutorial so NO ONE has to go thru this hell again.
 
Upvote 0
Top