cppcms-users

[Cppcms-users] Embedded local HTTPS server

[william l. <we...@gm...>]

Hi,
I read the roadmap of CppCMS, it looks like current version's embedded web
server does not support HTTPS.
http://cppcms.com/wikipp/en/page/cppcms_1x_tasks#Implement.HTTPS.support
I have a basic question regarding that.

For example, if a website support HTTPS.  Then it should use SSL
certificate, and signed, verified by 3rd organization, like Verisign. And
this SSL should bind to domain.
We can create self signed security, but browser will pop up a SSL warning
page/dialog while loading the https site.

The question is, what if I want to create a embedded HTTPS server, running
on localhost and accept request from localhost.
How can I provide the certificate to this HTTPs site?  I guess Verisign
will not provide any ssl info bind to Localhost  domain:)
So how can I make sure web browser request to localhost:443 via HTTPS will
not pop up SSL warning page/dialog?

Thanks,
William L.

Re: [Cppcms-users] Embedded local HTTPS server

[Marcel H. <ke...@co...>]

Am 21.03.2012 13:08, schrieb william lee:
> Hi,
> I read the roadmap of CppCMS, it looks like current version's embedded 
> web server does not support HTTPS.
> http://cppcms.com/wikipp/en/page/cppcms_1x_tasks#Implement.HTTPS.support
> I have a basic question regarding that.
>
> For example, if a website support HTTPS.  Then it should use SSL 
> certificate, and signed, verified by 3rd organization, like Verisign. 
> And this SSL should bind to domain.
> We can create self signed security, but browser will pop up a SSL 
> warning page/dialog while loading the https site.
>
> The question is, what if I want to create a embedded HTTPS server, 
> running on localhost and accept request from localhost.
> How can I provide the certificate to this HTTPs site?  I guess 
> Verisign will not provide any ssl info bind to Localhost  domain:)
> So how can I make sure web browser request to localhost:443 via HTTPS 
> will not pop up SSL warning page/dialog?
>
> Thanks,
> William L.
afaik there is no solution. Localhost is a virtual domain of the 
loopback device.
In Firefox e.g. you only have once to accept this warning and then it 
never shows up. Why is it so important for you, that now warning is 
displayed? If you are running it on your localhost, nobody else can 
access to it.

Re: [Cppcms-users] Embedded local HTTPS server

[william l. <we...@gm...>]

Hi, the use case behind this problem is:
we will have a real website, which is HTTPS.
Also, we will have a local app running with embedded HTTPS service.
The real HTTPS website page will use JSONP to request local embedded HTTPS
server for local machine specific datas.

We cannot use local HTTP server to handle the JSONP, because it is not
allowed to  JSONP from HTTPS to HTTP.  It will pop up mix content warning
every time when request :(

thanks,
William L.

On Wed, Mar 21, 2012 at 8:17 PM, Marcel Hellwig <ke...@co...> wrote:

> Am 21.03.2012 13:08, schrieb william lee:
> > Hi,
> > I read the roadmap of CppCMS, it looks like current version's embedded
> > web server does not support HTTPS.
> > http://cppcms.com/wikipp/en/page/cppcms_1x_tasks#Implement.HTTPS.support
> > I have a basic question regarding that.
> >
> > For example, if a website support HTTPS.  Then it should use SSL
> > certificate, and signed, verified by 3rd organization, like Verisign.
> > And this SSL should bind to domain.
> > We can create self signed security, but browser will pop up a SSL
> > warning page/dialog while loading the https site.
> >
> > The question is, what if I want to create a embedded HTTPS server,
> > running on localhost and accept request from localhost.
> > How can I provide the certificate to this HTTPs site?  I guess
> > Verisign will not provide any ssl info bind to Localhost  domain:)
> > So how can I make sure web browser request to localhost:443 via HTTPS
> > will not pop up SSL warning page/dialog?
> >
> > Thanks,
> > William L.
> afaik there is no solution. Localhost is a virtual domain of the
> loopback device.
> In Firefox e.g. you only have once to accept this warning and then it
> never shows up. Why is it so important for you, that now warning is
> displayed? If you are running it on your localhost, nobody else can
> access to it.
>
>
> ------------------------------------------------------------------------------
> This SF email is sponsosred by:
> Try Windows Azure free for 90 days Click Here
> http://p.sf.net/sfu/sfd2d-msazure
> _______________________________________________
> Cppcms-users mailing list
> Cpp...@li...
> https://lists.sourceforge.net/lists/listinfo/cppcms-users
>

Re: [Cppcms-users] Embedded local HTTPS server

[Artyom B. <art...@ya...>]

> For example, if a website support HTTPS. 

> Then it should use SSL certificate, and signed,
> verified by 3rd organization, like Verisign. And
> this SSL should bind to domain.
> We can create self signed security, but browser 

> will pop up a SSL warning page/dialog while loading
> the https site.
>

HTTPS for embedded devices is mostly requred for a secure communication
withing some private network. Generally these sertificates
are handled on per-server basis and explicitly allowed by the users.


>
> The question is, what if I want to create a embedded
> HTTPS server, running on localhost and accept request from localhost.
>


It has not much sence to use SSL on "localhost" :-).


> How can I provide the certificate to this HTTPs site?
> I guess Verisign will not provide any ssl info bind to Localhost  domain:)
> So how can I make sure web browser request to localhost:443 via HTTPS will
> not pop up SSL warning page/dialog?
>

Generally "SSL Warning" would pop only first time and if you add
an exception you should not have problems in future.

Basically you register the sertificate on per "web-site" basis,
I assume there are some more solutions avalible.


I'd recommend you to search about it on the web.

This has nothing to do with CppCMS as you would have exactly the same
problem with any local web server: Apache, Lighttpd, Nginx or IIS.


Artyom Beilis
-------------

Support CppCMS by donating money:
https://sourceforge.net/donate/index.php?group_id=209965