Domain Name

[broche]

Hi All
NT8.11
CL9.0

I am using a Virtual Remote server to host my web application.  In testing I have been using the IP address and port 88
All works fine.
Before I go into production I will make the site SSL.
We have a domain name which we set to the Virtual Server IP address
However when I type the www.EET........com name in the address of the browser it never reaches the web server.
Brinkster, who gave us the domain name, say they cannot point at a specific port
I have changed the port to 80 in the app and the Domain name works great.

Any ideas as to what I am missing - probably something on my server end I think.  I have set an inbound rulke in the firewall to allow port 88


Brian.

[Bruce]

the domain name replaces the IP part of the address, but not the port number.

So if your app is on port 88, then you would use the address

www.whatever.com:88

to reach your server. If you run the server on port 80 then the :80 part is dropped (by convention) which is why it works when on port 80.

For SSL the default port is 443 - but then your address becomes
https://www.whatever.com

It is common if you are going to deploy on SSL to have a second server object listening on port 80 as well and redirecting traffic to the 443 port. I think the AlwaysSSL example does this (but I don't recall offhand...)

cheers
Bruce

[broche]

My Customer purchased an SSL Certificate from Comodo
I am struggling trying to figure out how to create a CSR file for it.
Nettalk uses OpenSSL right? the Comodo instructions say how to create the CSR

openssl req -nodes -newkey rsa:2048 -keyout myserver.key -out server.csr

But this of course does not work.

How do I do this please?

Brian.

[rainerwallenius]

This is the tutorial I used and got it right.
I am not sure if you have to own Setupbuilder.

Hope it helps you...

http://www.lindersoft.com/CodeSign.pdf

:: rainer

[Mark Sarson]

Hi Rainer

I think the answer you gave is for code signing applications, whereas Brian is seeking to have a signed certificate for a website.

Regards

Mark Sarson

[Bruce]

>> My Customer purchased an SSL Certificate from Comodo

If the client has already purchased the certificate, then all you need is the certificate - the CSR is used only when purchasing the certificate, not using it.

cheers
Bruce

[markster]

CSR issue: I found that the bat files with openssl calls in the Clarion program files ie,...\accessories\bin\MakeCertificates folder, worked if you copied the MakeCertificates folder into Documents and they were no longer under the Programs Files (x86) folder on the root drive (where writing can be restricted).

Web site access issue: for me. after installing my SSL certificates, [mydomain}.com worked initially, but www.[mydomain].com did not work. I had to add a CNAME record in my DNS to point www.[mydomain].com to the IP address.

Mark

[Bruce]

Hi Mark,

good tip on write-ability.

from a certificate point of view mydomain.com and www.mydomain.com are different, and would require different certificates. If you want a single certificate for multiple sub-domains like this then you need to buy a "Wildcard Certificate" - sometimes known as *.mydomain.com instead of just "mydomain.com".

cheers
Bruce

[kevin plummer]

>>  mydomain.com and www.mydomain.com are different

I just tested on my https site and they both work with a non wildcard certificate.

[markster]

Both URLS's work on my non-wildcard Comodo SSL also. When I looked at the specifics of the SSL order, I saw that both domain.com AND www.domain.com were listed.

Mark