B4J Question Certificates SSL in b4J

francisco duran

Member
Licensed User
Hello friends, I need your help, I am trying to configure the SSL certificate for a B4J server application. It works very well for me in http:// but if I configure it for https:// I always get the error I have tried in several ways to configure the certificates and I have not been able to.
I am using a bluehost VPS server.
I bought a certificate at ssl.com and it works for me on the root page, but when I try to access mine with the port number the certificate does not work.

I have reviewed various tutorials and ways to do it on B4X.com and nothing.

Does anyone know how to remove the error mentioned above?

Thank you so much
 

Johan Hormaza

Well-Known Member
Licensed User
Longtime User
 
Upvote 0

francisco duran

Member
Licensed User
Hello, I have already used that tutorial. I bought the certificate and registered it on my domain https://lev.jsb.mybluehost.me/

and it works fine

The page I need is at https://lev.jsb.mybluehost.me:10004 and the certificate does not work there, I get an error "ERR_SSL_PROTOCOL_ERROR"

The page is fine because it works without problem in
http://lev.jsb.mybluehost.me:10001 but it is not a secure page.

The problem is that I can't assign the certificate I have to the page :10004.
But the certificate is already active.

I need help.
 
Upvote 0

teddybear

Well-Known Member
Licensed User
Not enough information to determine the problem.
How did you deploy your web app to bluehost VPS server? how did you generate the keystore file?
I guess that homepage webserver you are using is provided by bluehost, you want to link to B4J server using URL via https, mostly the problem is that the keystore file you generated by the certificate you bought is incorrect. I think you should give us more informition.
 
Upvote 0

francisco duran

Member
Licensed User
Hello, I have an application on a bluehost VPS server (Linux centos)

It works on http://lev.jsb.mybluehost.me:10001/ with no problem but no security.

I am trying to upload the page https://lev.jsb.mybluehost.me:10004 using the same certificate that I have in https://lev.jsb.mybluehost.me

I bought that certificate at ssl.com, it is not the original from bluehost

The page code is:
Main:
Sub AppStart (Args() As String)
    srvr.Initialize("srvr")
    srvr.AddWebSocket("/ws", "leaflet")
    srvr.AddHandler("/tableHelper", "TableHelper", False)
    
    srvr.Port = 10001
    ConfigureSSL(10004)
    srvr.Start
    StartMessageLoop
End Sub
Public Sub Filter(req As ServletRequest, resp As ServletResponse) As Boolean
    If req.Secure Then
        Return True
    Else
        resp.SendRedirect(req.FullRequestURI.Replace("http:", "https:") _
       .Replace(srvr.Port, srvr.SslPort))
        Return False
    End If
End Sub

Private Sub ConfigureSSL (SslPort As Int)
    'example of SSL connector configuration
    Dim ssl As SslConfiguration

    ssl.Initialize
    Log (File.DirApp)
    
    ssl.SetKeyStorePath(File.DirApp, "/www/certs/jetty.keystore") 'path to keystore file
    
    ssl.KeyStorePassword = "123456"
    ssl.KeyManagerPassword = "123456"
    
    srvr.SetSslConfiguration(ssl, SslPort)
    
    
    'add filter to redirect all traffic from http to https (optional)
    'srvr.AddFilter("/*", "HttpsFilter", False)
End Sub



The certificate is:

Sin título (1).png


The code for register the certificate is:

keytool -keysize 2048 -genkey -alias jetty -keyalg RSA -keystore jetty.keystore

keytool -certreq -keyalg RSA -alias jetty -file lev.jsb.mybluehost.me.csr -keystore jetty.keystore

keytool -import -trustcacerts -alias AddTrustExternalCARoot -file addtrustexternalcaroot.crt -keystore jetty.keystore

keytool -import -trustcacerts -alias COMODORSAAddTrustCA -file comodorsaaddtrustca.crt -keystore jetty.keystore

keytool -import -trustcacerts -alias COMODORSADomainValidationSecureServerCA -file COMODORSADomainValidationSecureServerCA.crt -keystore jetty.keystore

keytool -import -trustcacerts -alias Recosfa -file lev.jsb.mybluehost.me.crt -keystore jetty.keystore
 
Upvote 0

francisco duran

Member
Licensed User
Hello, this is how I am doing it, in line 7 I call the ConfigureSSL function, which is where I perform the SslConfiguration and after executing the entire function (ConfigureSSL) I start the service (Line 8)
 
Upvote 0

Johan Hormaza

Well-Known Member
Licensed User
Longtime User
That's all wrong, why put the Filter event in the main module?
You must follow the clear steps that Erel dictates here!


1677601199061.png


B4X:
Sub AppStart (Args() As String)
srvr.Initialize("srvr")
srvr.AddWebSocket("/ws", "leaflet")
srvr.AddHandler("/tableHelper", "TableHelper", False)

srvr.Port = 10001
ConfigureSSL(10004)
srvr.Start
StartMessageLoop
End Sub
Public Sub Filter(req As ServletRequest, resp As ServletResponse) As Boolean
If req.Secure Then
Return True
Else
resp.SendRedirect(req.FullRequestURI.Replace("http:", "https:") _
.Replace(srvr.Port, srvr.SslPort))
Return False
End If
End Sub

Private Sub ConfigureSSL (SslPort As Int)
'example of SSL connector configuration
Dim ssl As SslConfiguration

ssl.Initialize
Log (File.DirApp)

ssl.SetKeyStorePath(File.DirApp, "/www/certs/jetty.keystore") 'path to keystore file

ssl.KeyStorePassword = "123456"
ssl.KeyManagerPassword = "123456"

srvr.SetSslConfiguration(ssl, SslPort)


'add filter to redirect all traffic from http to https (optional)
'srvr.AddFilter("/*", "HttpsFilter", False)
End Sub
According to here I see that you are calling after initializing the server
 
Upvote 0

teddybear

Well-Known Member
Licensed User
The code for register the certificate is:

keytool -keysize 2048 -genkey -alias jetty -keyalg RSA -keystore jetty.keystore

keytool -certreq -keyalg RSA -alias jetty -file lev.jsb.mybluehost.me.csr -keystore jetty.keystore

keytool -import -trustcacerts -alias AddTrustExternalCARoot -file addtrustexternalcaroot.crt -keystore jetty.keystore

keytool -import -trustcacerts -alias COMODORSAAddTrustCA -file comodorsaaddtrustca.crt -keystore jetty.keystore

keytool -import -trustcacerts -alias COMODORSADomainValidationSecureServerCA -file COMODORSADomainValidationSecureServerCA.crt -keystore jetty.keystore

keytool -import -trustcacerts -alias Recosfa -file lev.jsb.mybluehost.me.crt -keystore jetty.keystore
Where is your key pair file?
 
Upvote 0

francisco duran

Member
Licensed User
That's all wrong, why put the Filter event in the main module?
You must follow the clear steps that Erel dictates here!


View attachment 139818


According to here I see that you are calling after initializing the server
Hello, I already made the change but still the same.

The program works if I open it in http mode. Failure is when wanting to see the https port
 
Upvote 0

teddybear

Well-Known Member
Licensed User
Check the certificate if it is correct and whether B4J server could be accessed via https on localhost ?
 
Last edited:
Upvote 0
Top