B4J Question abmaterial webapp ssl security setup

C

ChristopherD

Member
Hi all,

I have a question we have abmaterial webapp up and running on a hosting provider, we want to setup a secure ssl connection to web browsers, is this accomplished on the web app (with StartServerHTTP2, does this setup the ssl connection to the client) or through the hosting provider, with them encrypting and decryption the connection?
 
Sort by date Sort by votes
MichalK73

MichalK73

Well-Known Member
Licensed User
Longtime User
At the beginning, as you write notes about ABMaterial, change the title to the [ABMaterial] tag will be easier to search.

First, you generate your SSL key.
https://wiki.eclipse.org/Jetty/Howto/Configure_SSL#Generating_Keys_and_Certificates_with_JDK_keytool

Then you call:
B4X: 
myApp.StartServerHTTP2(srvr, "srvr", portweb, portssl, filename key, password, password)

If portssl will 443 call app
if other:
https://youradres : portssl

You can also how you want to use a free account CloudFlare.com where you hook up your domain and direct to the IP hosting server. There you have options to choose what route you want to be encrypted. You can set yourself that your server works not after SSL and the exit to the browser client will be after SSL. Then you don't need to change anything in the app and create keys. If you have keys from hosting you can connect them to cloundflare then you will not see the CF key and your personal.

I remember that I had a problem with the procedure StartServerHTTP2 somehow did not really want to work me and I applied another little changed.

B4X: 
public Sub StartServerHTTP2(srvr As Server, srvrName As String, srvrPort As Int, SSLsvrPort As Int,  SSLKeyStoreFileName As String, SSLKeyStorePassword As String, SSLKeyManagerPassword As String)
    ABM.WriteAppLauchPageToDisk(AppPage, File.DirApp & "/www/" & ABMShared.AppName, "index.html", ABMShared.NeedsAuthorization)

    Dim ssl As SslConfiguration
    ssl.Initialize
    ssl.SetKeyStorePath(File.DirApp, SSLKeyStoreFileName) 'path to keystore file
    ssl.KeyStorePassword = SSLKeyStorePassword
    ssl.KeyManagerPassword = SSLKeyManagerPassword
    ssl.EnableConscryptProvider
    srvr.SetSslConfiguration(ssl, SSLsvrPort)

    ' start the server
    srvr.Initialize(srvrName)
    
    ' uncomment this if you want to directly access the app in the url without having to add the app name
    ' e.g. 192.168.1.105:51042 or 192.168.1.105 if you are using port 80
    srvr.AddFilter( "/", "ABMRootFilter", False )
    
    ' NEW V3 Cache Control
    srvr.AddFilter("/*", "ABMCacheControl", False)
    ' NEW 4.00  custom error pages (optional) Needs the ABMErrorHandler class
    srvr.SetCustomErrorPages(CreateMap("org.eclipse.jetty.server.error_page.global": "/" & ABMShared.AppName & "/error")) ' OPTIONAL
    srvr.AddHandler("/" & ABMShared.AppName & "/error", "ABMErrorHandler", False) ' OPTIONAL
    
    srvr.AddWebSocket("/ws/" & ABMShared.AppName, "ABMApplication")
    For i =0 To Pages.Size - 1
        srvr.AddWebSocket("/ws/" & ABMShared.AppName & "/" & Pages.Get(i) , Pages.Get(i))
        If PageNeedsUpload.Get(i) Then           
            srvr.AddHandler("/" & ABMShared.AppName & "/" & Pages.Get(i) & "/abmuploadhandler", "ABMUploadHandler", False)
        End If
    Next   
    srvr.AddBackgroundWorker("ABMCacheScavenger")
    srvr.Port = srvrPort
    srvr.Http2Enabled = True
    
    #If RELEASE       
        srvr.SetStaticFilesOptions(CreateMap("gzip":True,"dirAllowed":False))
    #Else       
        srvr.SetStaticFilesOptions(CreateMap("gzip":False,"dirAllowed":False))
    #End If
        
    srvr.Start
    
    Dim joServer As JavaObject = srvr
    joServer.GetFieldJO("server").RunMethod("stop", Null)
    joServer.GetFieldJO("context").RunMethodJO("getSessionHandler", Null).RunMethodJO("getSessionCookieConfig", Null).RunMethod("setMaxAge", Array(31536000)) ' 1 year
    
    ' NEW FEATURE! Each App has its own Session Cookie
    joServer.GetFieldJO("context").RunMethodJO("getSessionHandler", Null).RunMethodJO("getSessionCookieConfig", Null).RunMethod("setName", Array(ABMShared.AppName.ToUpperCase))
    joServer.GetFieldJO("server").RunMethod("start", Null)
    
    Dim secs As Long = ABMShared.CacheScavengePeriodSeconds ' must be defined as a long, else you get a 'java.lang.RuntimeException: Method: setIntervalSec not matched.' error
    joServer.GetFieldJO("context").RunMethodJO("getSessionHandler", Null).RunMethodJO("getSessionIdManager", Null).RunMethodJO("getSessionHouseKeeper", Null).RunMethod("setIntervalSec", Array As Object(secs))
    
    Dim jo As JavaObject = srvr
    Dim connectors() As Object = jo.GetFieldJO("server").RunMethod("getConnectors", Null)
    Dim timeout As Long = ABMShared.SessionMaxInactiveIntervalSeconds*1000
    For Each c As JavaObject In connectors
        c.RunMethod("setIdleTimeout", Array(timeout))
    Next

    ABMShared.CachedPages = srvr.CreateThreadSafeMap   
End Sub
 
Upvote 0
C

ChristopherD

Member
MichalK73 said:
You can also how you want to use a free account CloudFlare.com where you hook up your domain and direct to the IP hosting server. There you have options to choose what route you want to be encrypted. You can set yourself that your server works not after SSL and the exit to the browser client will be after SSL. Then you don't need to change anything in the app and create keys. If you have keys from hosting you can connect them to cloundflare then you will not see the CF key and your personal.

I remember that I had a problem with the procedure StartServerHTTP2 somehow did not really want to work me and I applied another little changed.

B4X: 
public Sub StartServerHTTP2(srvr As Server, srvrName As String, srvrPort As Int, SSLsvrPort As Int, SSLKeyStoreFileName As String, SSLKeyStorePassword As String, SSLKeyManagerPassword As String)
ABM.WriteAppLauchPageToDisk(AppPage, File.DirApp & "/www/" & ABMShared.AppName, "index.html", ABMShared.NeedsAuthorization)

Dim ssl As SslConfiguration
ssl.Initialize
ssl.SetKeyStorePath(File.DirApp, SSLKeyStoreFileName) 'path to keystore file
ssl.KeyStorePassword = SSLKeyStorePassword
ssl.KeyManagerPassword = SSLKeyManagerPassword
ssl.EnableConscryptProvider
srvr.SetSslConfiguration(ssl, SSLsvrPort)

' start the server
srvr.Initialize(srvrName)

' uncomment this if you want to directly access the app in the url without having to add the app name
' e.g. 192.168.1.105:51042 or 192.168.1.105 if you are using port 80
srvr.AddFilter( "/", "ABMRootFilter", False )

' NEW V3 Cache Control
srvr.AddFilter("/*", "ABMCacheControl", False)
' NEW 4.00 custom error pages (optional) Needs the ABMErrorHandler class
srvr.SetCustomErrorPages(CreateMap("org.eclipse.jetty.server.error_page.global": "/" & ABMShared.AppName & "/error")) ' OPTIONAL
srvr.AddHandler("/" & ABMShared.AppName & "/error", "ABMErrorHandler", False) ' OPTIONAL

srvr.AddWebSocket("/ws/" & ABMShared.AppName, "ABMApplication")
For i =0 To Pages.Size - 1
srvr.AddWebSocket("/ws/" & ABMShared.AppName & "/" & Pages.Get(i) , Pages.Get(i))
If PageNeedsUpload.Get(i) Then
srvr.AddHandler("/" & ABMShared.AppName & "/" & Pages.Get(i) & "/abmuploadhandler", "ABMUploadHandler", False)
End If
Next
srvr.AddBackgroundWorker("ABMCacheScavenger")
srvr.Port = srvrPort
srvr.Http2Enabled = True

#If RELEASE
srvr.SetStaticFilesOptions(CreateMap("gzip":True,"dirAllowed":False))
#Else
srvr.SetStaticFilesOptions(CreateMap("gzip":False,"dirAllowed":False))
#End If

srvr.Start

Dim joServer As JavaObject = srvr
joServer.GetFieldJO("server").RunMethod("stop", Null)
joServer.GetFieldJO("context").RunMethodJO("getSessionHandler", Null).RunMethodJO("getSessionCookieConfig", Null).RunMethod("setMaxAge", Array(31536000)) ' 1 year

' NEW FEATURE! Each App has its own Session Cookie
joServer.GetFieldJO("context").RunMethodJO("getSessionHandler", Null).RunMethodJO("getSessionCookieConfig", Null).RunMethod("setName", Array(ABMShared.AppName.ToUpperCase))
joServer.GetFieldJO("server").RunMethod("start", Null)

Dim secs As Long = ABMShared.CacheScavengePeriodSeconds ' must be defined as a long, else you get a 'java.lang.RuntimeException: Method: setIntervalSec not matched.' error
joServer.GetFieldJO("context").RunMethodJO("getSessionHandler", Null).RunMethodJO("getSessionIdManager", Null).RunMethodJO("getSessionHouseKeeper", Null).RunMethod("setIntervalSec", Array As Object(secs))

Dim jo As JavaObject = srvr
Dim connectors() As Object = jo.GetFieldJO("server").RunMethod("getConnectors", Null)
Dim timeout As Long = ABMShared.SessionMaxInactiveIntervalSeconds*1000
For Each c As JavaObject In connectors
c.RunMethod("setIdleTimeout", Array(timeout))
Next

ABMShared.CachedPages = srvr.CreateThreadSafeMap
End Sub
Click to expand...

Hi Michal,

Thank you for the information. It is good to know. We did try to setup cloudflare so that the connection will be secure, but we are not having success with the setting up, we are not getting an SSL connection, nor is HTTPS coming up in the URL.
Could we have a detailed tutorial on how to set it up through cloudflare (what settings must be set in cloudflare and B4J) with images were possible please?
 
Upvote 0
You must log in or register to reply here.

Similar Threads

alwaysbusy
  • Article
B4J Library ABKeystoreSSL: SSL Certificate generator using Let's Encrypt
2
Replies
20
Views
5K
alwaysbusy
alwaysbusy
OliverA
Wish Access to sslFactory in jServer or implementation of SslContextFactory reload
Replies
2
Views
1K
OliverA
OliverA
H
  • Solved
B4J Question [SOLVED] B4JPackager11 error javax.net.ssl.SSLHandshakeException
Replies
4
Views
3K
Dieter Baumgartner
Dieter Baumgartner
Harris
  • Question
B4J Question [Solved] [ABMaterial] - using https (secure)
4 5 6
Replies
107
Views
10K
alwaysbusy
alwaysbusy
Mashiane
  • Article
B4J Tutorial [ABMaterial] Package your WebApp with InnoSetup
Replies
1
Views
5K
Mashiane
Mashiane
Top