Our full technical support staff does not monitor this forum. If you need assistance from a member of our staff, please submit your question from the Ask a Question page.


Log in or register to post/reply in the forum.

CSI Web Server HTTPS setup


mwassmer Apr 29, 2015 09:10 PM

The CSI Web Server manual says that a Private Key File and a Certificate File from a 3rd party Certificate Authority (CA) are required to enable HTTPS, but it doesn't explain how to obtain these things.

Can anyone provide step-by-step instruction for obtaining the Private Key File and Certificate File?

BTW, I have a WordPress website hosted by DreamHost and a CSI Web Server running on an Azure Windows Server 2012 VM. I was able to secure my website without too much trouble. The certificate signing request (CSR) was available on the DreamHost control panel, so I simply copied that CSR and pasted it into a form on the CA's website. The CA then provided the certificate file, which I pasted into the DreamHost control panel. DreamHost generated its own private key, which was listed in the control panel. After doing all those steps and then redirecting HTTP to HTTPS, everything was working fine.

I was hoping I could follow a similar series of steps to secure my CSI Web Server, but apparently it works completely differently. I tried to play around with OpenSSL a little bit, but I got really confused. Any help would be greatly appreciated.


thommark Apr 30, 2015 11:42 AM

I have successfully used the following website to create the key for HTTPS.

http://www.stellarwebsolutions.com/certificates/stellar_cert_builder.php?reset

After you have both files, go to CSI Web Server Admin and use your saved files on the HTTPS tab. The private key password can be anything you chose. It will be used when you access the site.


mwassmer Apr 30, 2015 06:15 PM

I followed the suggestion by @thommark, but I can't connect via HTTPS.

Here are the relevant links:
http://dataloggers.livetozero.com/InterlockHouse
https://dataloggers.livetozero.com/InterlockHouse


thommark Apr 30, 2015 07:04 PM

Could you tell me what version of CSI web server you are using?


mwassmer Apr 30, 2015 08:54 PM

I am using v1.03.23


thommark May 1, 2015 08:48 AM

That sounds like my exact set up. The last (long shot) idea I have is that maybe your HTTPS port is being blocked. Are you using the default 443 port?


mwassmer May 1, 2015 11:49 AM

Yes, I'm using port 443. I'm pretty sure it is unblock because I get a different browser error when I intentionally block it compared to when I unblock it.


jtrauntvein May 1, 2015 01:28 PM

The Status tab of the CSI Web Server administrator should provide some level of error message if it failed to load your private key and certificate files. I would check that first if you haven't already done so.

You can either use a self signed certificate or use a certificate provided by a certificate signing authority. If using a signed certificate, you will need to chain your certificate with one or more root certificates provided by the authority.

The steps for using openssl to generate a self signed certificate using openssl are as follows:

1- Use openssl to generate a private key file:
openssl genrsa -out private.key 1024

2 - Use openssl to generate the self-signed certificate:
openssl req -new -x509 -key private.key -out certificate.crt -days 12000

2.1 - When prompted enter the country code (US in your case) and press enter
2.2 - When prompted enter the state or province (Iowa in your case) and press enter
2.3 - When prompted enter your city and press enter
2.4 - When prompted enter the name of the organisation and press enter
2.5 - When prompted enter the section name (I leave it blank) and press enter
2.6 - When prompted enter the fully qualified domain name of the machine hosting the web server. This value must match the value specified in the "Server Name:" field in the CSI Web Server Administrator Configuration/HTTPS tab.
2.7 - When prompted enter your email address


At this point, you should have a private key and self signed certificate file that can be specified in the CSI Web Server Administrator Configuration/HTTPS tab. Because it is a self-signed certificate, the browser might balk at loading the page. On Chrome, I had to click on the "Advanced" link and then click on another link in order to convince the browser that my web site was legitimate. If you want to avoid this heart ache, you will need a signed certificate.


mortenx Mar 3, 2019 04:29 AM

where can i download csi web server `?

Log in or register to post/reply in the forum.