Symfony CLI server use of mkcert certificates - symfony

I am currently using Symfony with React and webpack to build an application. I use the Symfony CLI development server. I would like to turn this application into a Progressive Web Application (PWA) according to the cookbook at PWA Workshop. However, according to the information I'm gathering, a fully trusted SSL certificate is required for mobile testing, etc., and the use of mkcert is recommended (or maybe Let's Encrypt). I've already followed the process to enable TLS on the Symfony CLI server. However, the certificates generated appear to be self-signed and are not fully trusted. Is there a way to either call the trusted mkcert certificates from the Symfony CLI server command line or reference them in Symfony config files so that the server uses them instead of the self-signed ones generated by the symfony server:ca:install command? (mkcert appears to generate two .pem files, and other non-PHP development servers such as http-party/http-server can call them directly from the command line.) My workaround is to configure my local apache2 server with the certificates, but I'd like to keep using the Symfony server for debugging.
UPDATE
I failed to mention that my development environment is WSL2 on Windows 10. That seems to be the problem with getting trusted certificates to work. Since the browsers run in Windows and the servers run in WSL, the Windows browsers don't accept the certificates. My current workaround for mkcert and apache2 running on WSL is to:
Install mkcert on both WSL and Windows, running mkcert -install in both WSL and Windows,
Copy the Windows root certs from the trusted store created in Windows to the trusted store created in WSL. You find these stores in both environments by running mkcert -CAROOT in the respective environments,
Run mkcert localhost 127.0.0.1 and add the cert pair to a folder somewhere according to mkcert's instructions,
Then configure apache2 to use SSL and the mkcert cert pair according to instructions found all over the internet.
I found this workaround at mkcert solution.
However, this issue still remains for the Symfony server. It is unclear where the certificates (root or otherwise) are installed when symfony server:ca:install is run and whether there is a way to make copies of those certificates such that the servers can be run in WSL and Windows will accept them. Also, the Symfony docs don't indicate whether those certs are just self-signed or if they are trusted root certs like mkcert.
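The copy step of the mkcert workaround described in the update, as an added example that is not part of the original post. It assumes it is run inside WSL, that mkcert.exe is reachable from WSL, and that the CAROOT directory holds mkcert's rootCA.pem and rootCA-key.pem; the script name and the re-run of mkcert -install after copying are assumptions of this example.

```shell
#!/bin/sh
# Added example: run inside WSL. Assumes mkcert in WSL, mkcert.exe reachable via
# Windows interop, and `mkcert -install` already run on the Windows side.
# rootCA-key.pem can sign certificates this machine will trust: keep it private.

# Copy the CA pair from one CAROOT to another, backing up a different CA that
# is already there and restricting the private key to its owner.
sync_caroot() {
    src=$1 dst=$2
    for f in rootCA.pem rootCA-key.pem; do
        [ -f "$src/$f" ] || { echo "missing $src/$f" >&2; return 1; }
    done
    mkdir -p "$dst" || return 1
    for f in rootCA.pem rootCA-key.pem; do
        if [ -f "$dst/$f" ]; then
            cmp -s "$src/$f" "$dst/$f" && continue   # already in sync
            mv "$dst/$f" "$dst/$f.bak" || return 1   # keep the old CA file
        fi
        cp "$src/$f" "$dst/$f" || return 1
    done
    chmod 600 "$dst/rootCA-key.pem"
}

# True when both directories hold the same root certificate.
same_ca() {
    cmp -s "$1/rootCA.pem" "$2/rootCA.pem"
}

main() {
    # mkcert.exe prints a Windows path ending in CR; convert it for WSL.
    win_caroot=$(wslpath -u "$(mkcert.exe -CAROOT | tr -d '\r')") || return 1
    wsl_caroot=$(mkcert -CAROOT) || return 1
    sync_caroot "$win_caroot" "$wsl_caroot" || return 1
    mkcert -install || return 1             # added step: trust the shared CA in WSL
    mkcert localhost 127.0.0.1 || return 1  # writes the cert pair to the current directory
    same_ca "$win_caroot" "$wsl_caroot" && echo "WSL and Windows now share one mkcert CA"
}

# Run the real procedure only on request: sh sync-mkcert-ca.sh run
if [ "${1:-}" = "run" ]; then main; fi
```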

Related

Is it possible to publish aspnet core to shared linux server?

I searched a lot to find any source on how to publish .NET Core projects to free (shared) hosting servers, but I couldn't find anything about it.
I'm not talking about publishing to Linux VM servers. Free web servers do not have any console, do they?
I know they use FTP solutions. I couldn't find any article on publishing ASP.NET Core to a public Linux server via FTP.
Is it possible?
In general, you would just enable port 22 on your hosting site's config, scp your published project to copy it there, then run dotnet restore and dotnet run on your remote server with ssh -t. The particular company you mentioned, 000webhost, only allows SSH on their paid tier, and it looks like they are focused primarily on PHP and MySQL anyway. I would suggest you get an AWS instance, or some other full server hosting company, and move your app there.

Using Apigility on a remote server

I have successfully installed Apigility on a remote CentOS server. It tells me to go to http://localhost:8888 to access the admin panel. This server does not have a GUI installed, so I don't have the ability to remote in to use a web browser. Is there a workaround to access the Apigility interface remotely, possibly restricting access to my IP address? If not, do I have to install it on my local machine and then deploy my work to the remote server?
You could add a .htaccess file to set a password on it.
If you're deploying to AWS, you should be able to configure your security group to only allow requests to your installation if you're trying to access it.
If you want to develop your application right now, I would recommend having a local installation in a Docker container or so to perform your changes. If you're going live, you shouldn't change anything in the admin surface either.
CentOS server using a terminal, if I am right. The best way to do this with a CentOS server in a terminal is to open port 8888 to the public and access the server from another system at serverIP:8888 (using tools like firewalld on the CentOS server; you will have to install firewalld): https://www.rootusers.com/how-to-open-a-port-in-centos-7-with-firewalld/
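The question asks about limiting access to one IP address; with firewalld that is a source-restricted rich rule instead of an open port. This is an added example, not part of any answer above, and it assumes the public zone and a constructed client address, 203.0.113.10.

```shell
#!/bin/sh
# Added example. 203.0.113.10 is a constructed documentation address (RFC 5737);
# the "public" zone is an assumption about the server's firewalld setup.

# Succeed only for a dotted-quad IPv4 address with each octet in 0..255.
is_ipv4() {
    case $1 in
        *[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Build a firewalld rich rule that accepts TCP to port $2 only from source $1.
admin_rule() {
    is_ipv4 "$1" || { echo "not an IPv4 address: $1" >&2; return 1; }
    case $2 in
        ''|*[!0-9]*) echo "bad port: $2" >&2; return 1 ;;
    esac
    printf 'rule family="ipv4" source address="%s/32" port port="%s" protocol="tcp" accept' "$1" "$2"
}

# Apply the rule permanently. The port is not opened with --add-port, so every
# other source is still refused by the zone's default handling.
restrict_admin_port() {
    rule=$(admin_rule "$1" "$2") || return 1
    firewall-cmd --permanent --zone=public --remove-port="$2/tcp" >/dev/null 2>&1
    firewall-cmd --permanent --zone=public --add-rich-rule="$rule" || return 1
    firewall-cmd --reload
}

# Touch the firewall only on request: sh restrict-admin.sh apply <your-ip>
if [ "${1:-}" = "apply" ]; then restrict_admin_port "${2:-203.0.113.10}" 8888; fi
```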

JavAPNS Runs Locally but not on Centos

Problem
I am experiencing a problem setting up Apple APNS on CentOS.
I have my Apache Tomcat deployed and working fine. Also, I am using Javapns to send push messages.
My push notifications are working fine on Windows (within Eclipse and on standalone Apache), but once I deploy the application to the server (CentOS 6) I get the error:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found
I am using a p12 certificate that works perfectly on Windows, as I said, but with no luck on CentOS.
Environment:
Apache Tomcat with a Spring 4 web application deployed, running on CentOS 6 with Java 1.7.57.
Using Javapns, of course, for initiating the push notifications. I think it is worth mentioning that my P12 certificate is placed in WEB-INF/certs/certificate.p12.
- I do not have an SSL certificate for my web server.
My Questions:
Despite the fact that the Javapns documentation states that Javapns is designed to work as part of a web application or even standalone, is there any special configuration I have to modify on the server to allow my service to run?
What is confusing me is that the same p12 certificate works locally but not on Linux?
Is this something related to security chains on the server, or to settings of Apache Tomcat to allow such a service to run?
I tried almost everything, posting this as I feel really stuck with this problem.
Thank you in advance.
When using APNS, your server is connecting via SSL to the Apple APNS servers. The message you're receiving means that the Java environment you are using isn't aware of the issuing certificates, and hence cannot build the trust chain to validate the server certificate.
First check with the following command whether you find the Apple certificates in the JVM's keystore: <javabin>/keytool -list -keystore <javahome>/jre/lib/security/cacerts
If you don't find the Apple certs in there, you can import them using this command:
<javabin>/keytool -import -noprompt -trustcacerts -alias <an_alias> -file <the_cert_file> -keystore <javahome>/jre/lib/security/cacerts -storepass changeit
You'll get the Apple root and intermediate certificates here: https://www.apple.com/certificateauthority/
Thank you, muenzpraeger, for your suggestion, but it was not the solution.
I could solve this through the great post found at http://cloudfields.net/blog/ios-push-notifications-encryption/
The problem, as stated, is related to authenticating the certificate to do communication over SSL. I had to command-line the Apple APNS certificate, and things worked like magic.
I am happy, though, for what you have posted, as it led me to read more about keystores.
Thank you for your help.

Where does vagrant (PuPHPet used ) store data when I install meteor?

I've used PuPHPet to set up a development environment and did "vagrant ssh" to get into the machine. After that I installed meteor via curl https://install.meteor.com/ | sh, which worked as expected. I thought it would install it to the sync folder I have set up, but it doesn't seem to be there. Can I find the file structure of the virtualized machine on my Windows PC?
How does it work? If meteor tells me I can access my meteor app via localhost:3000 how do I access this on my Windows PC?
I'm not so familiar with Vagrant and Windows, but give this a try.
Log in with vagrant ssh
Open a terminal and type hostname --ip-address
Paste <yourip> localhost in the hosts file on your Windows machine: system32\drivers\etc\hosts
Now all the localhost requests in your browser are sent to your Vagrant box. I'm not sure if Meteor's standard port works with Vagrant, so try something like meteor -p 2000 or meteor -p 8080
If you want something like myapp.dev in your browser, you have to use virtual hosts. I'm only familiar with Apache's virtual host system, but Meteor is using Node.js, so I don't know what would be the best practice here. :/

How does Meteor Up work?

I recently created a droplet on Digital Ocean, and then just used Meteor Up to deploy my site to it.
As awesome as it was to not have to mess with all of the details, I'm feeling a little worried and out of the loop about what's happening with my server.
For example, I was using the console management that Digital Ocean provides, and I tried to use the meteor mongo command to investigate what was happening with my database. It just errored, with command not found: meteor.
I know my database works, since records are persistent across accesses, but it seems like Meteor Up accomplished this without retaining any of the testing and development interfaces I grew used to on my own machine.
What does it do??? And how can I get a closer look at things going on behind the scenes?
Meteor Up installs your application to the remote server, but does not install the global meteor command-line utilities.
For those, simply run curl https://install.meteor.com | /bin/sh.
MUP does a few things. Note that this MUP is currently under active development and some of this process will likely change soon. The new version will manage deployment via Docker, add support for meteor build options, and other cool stuff. Notes on the development version (mupx) can be found here: https://github.com/arunoda/meteor-up/tree/mupx.
mup setup installs (depending on your mup.json file) Node, PhantomJS, MongoDB, and stud (for SSL support). It also installs the shell script to setup your environment variables, as well as your upstart configuration file.
mup deploy runs meteor build on your local machine to package your meteor app as a bundled and zipped node app for deployment. It then copies the packaged app to the remote server, unbundles it, installs npm modules, and runs as a node app.
Note that meteor build packages your app in production mode rather than the debug mode that runs by default on localhost when you call meteor or meteor run. The next version of MUP will have a buildOptions property in mup.json that you can use to set the debug and mobileSettings options when you deploy.
Also, since your app is running directly via Node (rather than Meteor), meteor mongo won't work. Instead, you need to ssh into the remote server and call mongo appName.
From there, @SLaks is right about how it sets things up on the server (from https://github.com/arunoda/meteor-up#server-setup-details):
This is how Meteor Up will configure the server for you based on the given appName or using "meteor" as default appName. This information will help you customize the server for your needs.
your app lives at /opt/<appName>/app
mup uses upstart with a config file at /etc/init/<appName>.conf
you can start and stop the app with upstart: start <appName> and stop <appName>
logs are located at: /var/log/upstart/<appName>.log
MongoDB installed and bound to the local interface (cannot access from the outside)
the database is named <appName>
