Changes for page Development-SSL requests via https protocol
Last modified by Aaron Rosenzweig on 2012/03/19 19:33
From version 23.1
edited by Quinton Dolan
on 2007/07/12 20:45
on 2007/07/12 20:45
Change comment:
There is no comment for this version
To version 26.1
edited by Kieran Kelleher
on 2008/07/21 17:29
on 2008/07/21 17:29
Change comment:
There is no comment for this version
Summary
-
Page properties (3 modified, 0 added, 0 removed)
Details
- Page properties
-
- Title
-
... ... @@ -1,1 +1,1 @@ 1 - Programming__WebObjects-WebApplications-Development-SSL1 +Web Applications-Development-SSL requests via https protocol - Author
-
... ... @@ -1,1 +1,1 @@ 1 -XWiki. qdolan1 +XWiki.kieran - Content
-
... ... @@ -1,5 +1,73 @@ 1 -== DetectingSSL==1 +== Introduction == 2 2 3 +Sooner or later you will need to develop WebObjects applications that work with SSL requests over https protocol. If ssl is configured on your deployment server, you can probably just change http to https in the app entry URL and the app will probably just work over https protocol. However if your application requires security, you cannot just depend on your users typing in a URL that begins with https. Also since SSL encryption adds more load to the webserver, you may want decide that just some pages need to be returned securely over https and the rest returned via plain old http. In any case, you may want to or need to set up your local OS X development machine to support https protocol so that you can properly test your application. This article endeavors to do this in a concise way while referring to 3rd party sources where applicable. Note also that setting up ssl for testing can be a far simpler task (and not really secure) than setting up real authentic SSL certificates for use in a production server. 4 + 5 +{{info title="Compatability"}} 6 + 7 +These instructions were written and tested on the following, but should work on any 10.5.X config or later 8 +* OS X Leopard Client 10.5.4 9 +* Standard built-in apache2 10 +* If you like record and verify your OS config as follows: 11 +** $ openssl version 12 +*** OpenSSL 0.9.8g 19 Oct 2007 13 +** $ httpd -v 14 +*** Server version: Apache/2.2.8 (Unix) 15 + 16 + 17 +{{/info}} 18 + 19 +== Development via Apache Webserver == 20 + 21 +By default, WebObjects development installations typically run via DirectConnect. For https development, we must run thru the apache webserver built in to every OS X machine. So before going any further, configure your WebObjects development environment so that your development application launches and [[runs thru apache>>Development Tools-Running Through Apache]] using the host name "localhost". 22 + 23 +== Configuring Apache for [[https://localhost]] == 24 + 25 +=== Make the private key and SSL certificate === 26 + 27 +Normally creating SSL certificates for production use is quite involved, however since we are just doing localhost development and testing, we can bypass all the mumbo-jumbo and create the minimal unpassworded private key and SSL certificate the easy way. Do not use this method for creating production server SSL certificates! 28 + 29 +* Open terminal and ... 30 + 31 +{{noformat}} 32 + 33 +$ cd /etc/apache2/ 34 +$ sudo -s 35 +# mkdir devsslcerts 36 +# cd devsslcerts/ 37 +bash-3.2# mkdir devsslcerts 38 +bash-3.2# cd devsslcerts/ 39 +bash-3.2# openssl req -new -x509 -nodes -out localhost_server.crt -keyout localhost_server.key 40 +Generating a 1024 bit RSA private key 41 +.........................++++++ 42 +.....++++++ 43 +writing new private key to 'localhost_server.key' 44 +----- 45 +You are about to be asked to enter information that will be incorporated 46 +into your certificate request. 47 +What you are about to enter is what is called a Distinguished Name or a DN. 48 +There are quite a few fields but you can leave some blank 49 +For some fields there will be a default value, 50 +If you enter '.', the field will be left blank. 51 +----- 52 +Country Name (2 letter code) [AU]:US 53 +State or Province Name (full name) [Some-State]:Florida 54 +Locality Name (eg, city) []:Tampa 55 +Organization Name (eg, company) [Internet Widgits Pty Ltd]:Five WebObjects Sailors, Inc. 56 +Organizational Unit Name (eg, section) []:Software Engineering Department 57 +Common Name (eg, YOUR name) []:localhost 58 +Email Address []:developer@webobjects.com 59 +bash-3.2# ls -al 60 +total 16 61 +drwxr-xr-x 4 root wheel 136 Jul 21 16:58 . 62 +drwxr-xr-x 10 root wheel 340 Jul 21 16:56 .. 63 +-rw-r--r-- 1 root wheel 1497 Jul 21 16:58 localhost_server.crt 64 +-rw-r--r-- 1 root wheel 887 Jul 21 16:58 localhost_server.key 65 + 66 + 67 +{{/noformat}} 68 + 69 +== Detecting SSL == 70 + 3 3 Code for detecting whether SSL is active for the current request: 4 4 I'm told this won't work with IIS: 5 5 ... ... @@ -24,5 +24,3 @@ 24 24 log.debug( "secure mode set to " + secureMode ); 25 25 26 26 {{/code}} 27 - 28 -Category:WebObjects