B4J Question [solved] B4J Server at Home with SSL (Jetty)

Discussion in 'B4J Questions' started by MarkusR, Aug 8, 2018.

  1. MarkusR

    MarkusR Well-Known Member Licensed User

    i have a problem to get data if me used a http(s) server.
    it not response if me test local at same pc or from web.
    if me use port 80 with without ssl config it works fine local and extern.

    in firefox i got a message selfsigned cert if not ok but i clicked ok for allow
    then nothing happens.

    the keystore file i made at pc.
    the ssl .cert and .key i made with a online tool. http://www.selfsignedcertificate.com/
    then i renamed the file to .crt and installed it at pc (windows 10).

    i also added firewall rules for port 443 in my gdata internet security
    i also tested it with other port for ssl but no success.

    i am helpless :(

    (gui) app start:
    Dim ssl As SslConfiguration
    File.DirApp, "server.keystore")
        ssl.KeyStorePassword = 
        srvr.StaticFilesFolder = 
    File.Combine(File.DirApp, "www")
    Sub Class_Globals
    Private fx As JFX
    End Sub

    'Return True to allow the request to proceed.
    Public Sub Filter(req As ServletRequest, resp As ServletResponseAs Boolean
    If req.Secure Then
    Return True
    Return False
    End If
    End Sub
    HelloPage Class
    'Class module
    Sub Class_Globals
    Private mreq As ServletRequest 'ignore
        Private mresp As ServletResponse 'ignore
    End Sub

    Public Sub Initialize

    End Sub

    Sub Handle(req As ServletRequest, resp As ServletResponse)
        mreq = req
        mresp = resp
    Dim start As Long = DateTime.Now
        resp.ContentType = 
    "<img src='images/logo.png'/ width=100 height=100><br/>"'this file will be loaded from the www folder
        resp.Write("<b>Hello world!!!</b><br/>")
    "Your ip address is: " & req.RemoteAddress & "<br/>")
    "The time here is: " & DateTime.Time(DateTime.Now)).Write("<br/>")
    "It took: ").Write(DateTime.Now - start).Write(" ms to create this page.<br/>")
    "<a href='/'>Back</a>")
    End Sub
    Last edited: Aug 8, 2018
  2. OliverA

    OliverA Well-Known Member Licensed User

    There should be two passwords. One for the keystore (ssl.KeyStorePassword) and one for the key/certificate (ssl.KeyManagerPassword). What instructions did you follow to create the keystore and store your key in the keystore?
    MarkusR likes this.
  3. MarkusR

    MarkusR Well-Known Member Licensed User

    for creating the keystore file i used this in batch
    so it seems i miss the .key file import into this .keystore file.
    KeyManagerPassword no plan where i can set this.

    i remember i tryed this for the import yesterday
    and then there was a error public key in answer and keystore did not match.
    if me use the .key file there i got other error.

    i tryed to follow this tutorial here.

    and i found this
    Last edited: Aug 8, 2018
  4. OliverA

    OliverA Well-Known Member Licensed User

    You need to load the key and certificate into your keystore. For steps see (https://www.eclipse.org/jetty/docum...tml#loading-keys-and-certificates-via-pkcks12) and go the the "Loading Keys and Certificates via PKCS12". For these steps you need OpenSSL. I'm guessing you're on Windows and therefore need to download and installer for Windows (for example, here: https://slproweb.com/products/Win32OpenSSL.html.) Install either the 1.1.0h or the 1.0.2o lite versions (either 32 or 64). I do not know if the "chain of certificates" applies to the certificate that you created.
    MarkusR likes this.
  5. MarkusR

    MarkusR Well-Known Member Licensed User

    online tool .cert .key > PFX/PKCS#12


    import into .keystore
    i used this and the import work, now i will continue testing ..
  6. MarkusR

    MarkusR Well-Known Member Licensed User

    i copied the source from a gui app into a non gui app and now it works.
    (i saw that after the first request the gui app starts to hang and not response^^)
    but i would be happy to have a server with gui.

    Thank you so much for your support! :)
  7. alwaysbusy

    alwaysbusy Expert Licensed User

  8. MarkusR

    MarkusR Well-Known Member Licensed User

    that is sad :(
    i like to have a form with status,menu,config or something else
  9. AHilton

    AHilton Active Member Licensed User

    There's nothing stopping you from creating a GUI desktop / mobile app or even a web-based solution (running in the same NON-GUI server, by the way) that monitors your NON-GUI server. The advantage is that your server and monitoring/status/config app can be de-coupled and run remotely from the server. Very flexible! Maybe a very small amount of extra work to build it, though.

    I've built a generic server monitor GUI app for just this purpose. All of my server apps expose a simple API that the monitor app taps into giving me one app (multiple locations ... desktop, mobile) to see what all of my server apps are doing. From anywhere I happen to be at that moment.
    MarkusR likes this.
  10. MarkusR

    MarkusR Well-Known Member Licensed User

    to see the status remote it make sense to make a extra project, yes.
    its just nice to see a server app running with some visual feedback there where it run.
    if the server class crash as example i can show the error handling there, but i can not see it remote because i can not open a connection to it.
    the server app i will run at home at raspberry pi, if something not work as expected i can switch on the monitor or i can connect via remote desktop from www to it.
    Last edited: Aug 8, 2018
  11. AHilton

    AHilton Active Member Licensed User

    If you're not doing it web-based, yes, 2 separate projects.

    re: Crash - What's the difference? If your server crashes catastrophically, then you'll need to be looking at the server apps' error logs whether or not you have a server with integrated GUI. At least with the solution I mentioned, if you get a crash or errors (that aren't extreme) then you'll be able to read those from the status/monitor GUI app.
    MarkusR likes this.
  12. mrred128

    mrred128 Active Member Licensed User

    I did the traditional way with the server engine at first. It was quite painful in comparison with just using HAProxy (free unix load balencer) with auto renewable certs implemented there. Now I have nothing special to do on the server object side (except source urls are by way of the xforwarded-for variable). Make your life easy.

    Try this.... https://www.blindally.com/myfilmstuff

    Two linux VM's running the b4j server object, load balanced and ssl.
    Last edited: Aug 12, 2018
    MarkusR likes this.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice