NetTalk Central

Author Topic: Listening on two ports, insecure + Secure  (Read 4012 times)

Wolfgang Orth

  • Sr. Member
  • ****
  • Posts: 251
    • View Profile
    • oData Wolfgang Orth
Listening on two ports, insecure + Secure
« on: May 06, 2020, 12:28:30 PM »
Hello Bruce and all others,

coming from Nettalk 9 to Nettalk 11, I have one problem to solve now.
In the past I used to have two objects, one for the insecure, the other for the secure port.
https://capesoft.com/docs/NetTalk11/NetTalk10Upgrade.htm#ListeningOn2Ports

I still have the need to serve both server under one address.
As far as I understand now, I need to have two different server-EXE simultaniously, one listening on the insecure port, the other on the secure port with the self-issued certificate.

The insecure servre will serve some static pages, but probably also the API-dokumentation.

I want to avoid the warnings when I call those static URLs on the secure port, so I am willing for those  manouvers.

For installing / starting / stopping / removing the recent server (NT9) I have an Admin.EXE. Since there will be two EXE now, I look to keep the UX still the same. So only one set of buttons to administer the background service. Having two servers individually to start will lead to a mess.

My idea: Once one server is started (reading the port number from an INI like before), it will then check, whether the other server (same EXE, but different port) runs. If NOT running, then it will start the same EXE with RUN(), passing the other purpose as a parameter. Because the calling program is a background service, the called server with the other port runs with the same credentials, IOW it will be invisible like the service. Which is a desired behaviour.

Now on the buttons to stop / remove the background service, I prepend that service-calls with a NetWebClient method to shutdown the other server. Just issueing a POST(CloseDown) in the service method.

When in the Admin.EXE the service is now restarted, it will perform a check and RUN() for the other server. Probably repeatedly in the TIMER.event. like a kind of watchdog. So the can keep each other running.

To me it sounds reasonable.

Any other opinion?

Thank you in advance!

bye
Wolfgang
« Last Edit: May 06, 2020, 12:42:12 PM by Wolfgang Orth »

Jane

  • Sr. Member
  • ****
  • Posts: 372
  • Expert on nothing with opinions on everything.
    • View Profile
    • Email
Re: Listening on two ports, insecure + Secure
« Reply #1 on: May 06, 2020, 02:24:04 PM »
Hi, Wolfgang,

Curious how your first EXE is going to know the port on which another version of itself is running?

I have an situation where I'm serving both 80 and 443 using two EXEs.  This is in-house, so I haven't had to make it bullet-proof for end-users. 

Each of the EXEs installs with a different service name.  So it's easy to see them both in task manager.  Both can be configured with recovery options, etc.

I guess you could consider it a "mess"... LOL... 

Jane


Bruce

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 11250
    • View Profile
Re: Listening on two ports, insecure + Secure
« Reply #2 on: May 07, 2020, 10:32:27 PM »
I'm curious why you would want the site to be _insecure_?

Yes you could just run the exe twice, with different settings,and different service names.

You could also have 2 webserver procedures in the same app - but that is probably more complicated for you to create.

cheers
Bruce

Wolfgang Orth

  • Sr. Member
  • ****
  • Posts: 251
    • View Profile
    • oData Wolfgang Orth
Re: Listening on two ports, insecure + Secure
« Reply #3 on: May 10, 2020, 11:11:30 AM »
Hello Bruce,

> I'm curious why you would want the site to be _insecure_?

its this wicked Client-Server-Combo with a self-inflicted certificate on a LAN... <g>

While the Nettalk-Webclient can thankfully be advised to ignore the errors (or actually warnings) caused by that certificate, I have two occasions where I need to display
a) a PDF or
b) a static HTML, which gets generated on-the-fly by the server form the DB. A simple product fact-sheet. It gets displayed by a procedure made with File Explorer. It will soon be replaced by the Chrome Explorer. But both the underlying IE and likely Chromium (not tested yet, but I am fairly confident that it will fail) spit into my beer. And the PDF is displayed at the moment by any webbrowser that is present.

So for these two occasions I need a reliable way to display the data. And that wil be an insecure webserver.

In the future I likely can display those PDF in my own procedure, based on Chrome Explorer. I look forward for this!

It will be interesting to see, how to overcome these obstacles when I enhance my Nettalk-Webclient-EXE with Anyscreen. Yeah, I am scared by nuthing!


> Yes you could just run the exe twice, with different settings,and different service names.

Different service names - can the service names be assigned at runtime? I have not looked for that.

I folloewed Janes advice, to have a separate EXE. Actually I took the existing one, stripped out all methods except the PDF / fact-sheet disply thingie, gave it a new unique name in the SelfService template dialog and it runs well. Usually not my favourite approach, as I have to maintain two different EXE now. But in this case this new, reduced server will undergo minimal changes in the future, if any. So the risk of additional work is bearable.


You could also have 2 webserver procedures in the same app - but that is probably more complicated for you to create.

Well, in Nettalk 9 it was easy. <g>

But its okay the way it is now.

Thanks
Wolfgang