deploy ssl certificate to mobile devices - mobile

we have a ssl certificate that needs to be deployed to all the mobile devices connected to our company wifi network; I can email the certificate to the staff and they can click it to install but Is there any other way of making it downloadable from local webserver ?
your help will be much appreciated, thank you.

Serve it like any other file, make sure these mime types are defined in your Apache conf:
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
It will probably be a .crt file.

Related

PgAdmin4 website hosting on port 443 (https)

For my project i configured the postgresql and pgadmin4 .. but now i want to make the website secure with proper DNS name and run over port 443. DNS is also done but how to make it run over 443 from 80. ie., from http to https. i made changes in httpd.conf file and added certificates required too. but website is not loading ,still the website is opening on http:// ip address but not on https://
I tried making changes in configuration file too
LL be Much thankful.
how to configure pgadmi4 on port 443 https

GET /favicon.icon 404 error in ngrok

On running ngrok and going to the suggested url, i get
GET /favicon.icon 404 error in ngrok.
In which folder does ngrok search for the favicon.ico file ?
How do i fix this ?
Very new to ngrok. Do help me out
Thanks in advance
I ran into a similar problem with URIs from ngrok being served as 404s.
I have a local Apache, PHP and MySQL stack setup on macOS using *.dev domains.
So in my case, I needed to set the host-header option in ngrok to match the hostname of the virtual host Apache was configured for.
Here's the relevant part of my Apache virtual host configuration:
<VirtualHost *:80>
ServerName example.dev
ServerAlias www.example.dev
...
UseCanonicalName Off
</VirtualHost>
The necessary ngrok arguments to tunnel requests to my private development domain were:
$ ngrok http example.dev:80 -host-header=example.dev
What ngrok do is,make tunnels to localhost.That allows you tunnel requests from Internet to your local machine.
You can see following details after running : ngrok http 8888
Tunnel Status
online
Version 2.0.19/2.0.19
Web Interface http://127.0.0.1:4040
Forwarding http://299954c1.ngrok.io -> localhost:8888
Now all the data intended for 'http://299954c1.ngrok.io' url which is publically accessible will come to your local machine at port 8888
You need to have some server running on your local machine at port 8888 which can serve 'favicon.icon' static file
If you are able to get icon by hitting : localhost:8888/favicon.icon in your browser, You will surely get it from http://299954c1.ngrok.io/favicon.icon

GAE App with custom domain

I recently bought a Namecheap domain and have been trying to hook it up to my GAE website. The GAE URL is domain.appspot.com and it works just fine. I have followed the instructions outlined in https://cloud.google.com/appengine/docs/domain but when I try to visit my custom domain I get an error saying:
The webpage at https://www.domain.com/ might be temporarily down or it may have moved permanently to a new web address.
Error code: ERR_CONNECTION_CLOSED
I have no idea what I'm doing wrong. I have confirmed that domain.com and www.domain.com are both listed as custom domain names in the GAE console, and I've added all the IPs/CNAME stuff as specified. A dig domain.com command confirms that:
;; ANSWER SECTION:
domain.com 1234 IN A 216.239.34.21
domain.com 1234 IN A 216.239.36.21
domain.com 1234 IN A 216.239.32.21
domain.com 1234 IN A 216.239.38.21
I'm wondering if this is a HTTPS issue because trying domain.com in Safari tells me that:
Safari can't open "https://domain.com" because Safari can't establish a secure connection to the server "domain.com".
I don't want to get a cert for HTTPS but I don't see any way around the problem? How can I successfully use a custom domain with my GAE app?
The problem was in my app.yaml file. I had set secure: always which was forcing https, but I didn't have a cert. Now I changed it to secure: never to require http, and it should work fine.

Connecting a secured websocket on Google Appengine frontend with managed VM with nodejs runtime

I've trouble in connecting to a wss secured socket server via google appengine frontend with managed VM support.
buy default google exposes only port 8080 in docker image google/nodejs-runtime, Even if expose port 8443 in Dockerfile like below i can connect only to http://localhost:8080 not https://localhost:8443
FROM google/nodejs
WORKDIR /app
ADD package.json /app/
RUN npm install
ADD . /app
EXPOSE 8443
CMD []
ENTRYPOINT ["/nodejs/bin/npm", "start"]
Still i can see port 8080 include in the container
"/nodejs/bin/npm start 8443/tcp, 0.0.0.0:8080->8080/tcp
If i log in to my managed vm instance and run the container image with
docker run -d -p 8443:8443 nodejs.default.wss-check:latest
and try
$curl https://localhost:8443
I get curl: (60) SSL certificate problem: unable to get local issuer certificate, It looks like its connecting but i've to use realdomain name
I've created a issue in github aswell https://github.com/GoogleCloudPlatform/appengine-nodejs-quickstart/issues/13, but not that helpful.
Same set up works like a charm in normal compute instance. but it doesn't auto scale.
Any help on this issue will be appreciated.
The reason you can't curl to https on localhost (curl: (60) SSL certificate problem: unable to get local issuer certificate) is because "localhost" is unknown to any CA. You need to run curl -k https://localhost:8443 to get it to ignore the lack of a certificate for localhost.
Looks like currently Google Managed VM supports Websocket connection only on JAVA
Even if you try websocket connection on with nodejs on GMV it defaults to polling transport. if you wanna see this in live you can use set socket transports, deploy to live and look in to console- network and see which transport its using!
socket.set('transports', [
'websocket'
, 'flashsocket'
, 'htmlfile'
, 'xhr-polling'
, 'jsonp-polling'
]);
We have to wait untill google implements websocket support in Managed VM. If anyone get this working on GMV, Please comment here :)

Google App Engine SSL not working with openssl command line tool

I installed a SSL certificate for my google app engine app and Google Apps domain. HTTPS is working ok, but when I try to use openssl cli tool I get this error:
$ openssl s_client -showcerts -connect mysite.com:443
CONNECTED(00000003)
140625875744448:error:1409E0E5:SSL **routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:596:**
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 226 bytes
---
Any insight on what could be the problem? From what I google'd, it could be a server config problem, but being Google App Engine server, I don't think I can do anything about it.
The main problem is that this prevents connecting securely via low level APIs like openssl, or programming languages (tried with python and it doesn't work). Strange thing is that the web can be accessed using HTTPS with no problems.
If it helps, here's the site: https://www.proofofexistence.com/
This usually happens when you have set up SNI SSL as this is not supported by default on openssl.
To make this work, just set the -servername flag to the name of the vhost you are testing.
$ openssl s_client -showcerts -servername www.proofofexistence.com -connect www.proofofexistence.com:443

Resources