H5 AppBroker SSL

We are using H5 with SSL
Host: Running on Windows 2016 server with no Web services.
Mobile devices: Cell Phones.
additional Java Script: Quagga.js BarCode script to access the Phone Camera to Scan an EAN13 type Barcode
Purpose: Scan a Ticket to verify entry to an event.

Must use SSL to access Camera via Chrome.
SSL working fine; all web browsers are happy with the purchased SSL stored in the .pem file.

The whole process works well. But every day the SSL port stops working. The AppBroker Service still running. The portal on NON SSL port (8080) is working still, but the SSL port (8443) fails.

Only way to recover is it to restart the AppBroker Service; which takes unusually long to restart-30 seconds compared to general 2 seconds restart.

We are running H5 AppBroker on another site without SSL- an we have not restarted in 6 months.
The two log files - ipreject.log and appbroker.log don’t give much- unless I just do not understand the log.

Any ideas?

Hi,

Which Clarion version?
Which AppBroker version?

Best regards
Jeffrey

Hello,
Clarion EE 11.0.13401
AppBroker: According to Setup_AppBroker-11.13401

Hi,

So you’re using the latest version. This is a very strange issue. I think it’s best to contact Diego about this.

Best regards
Jeffrey

Hello,
(I am hoping Diego will ask the necessary questions during this post-or how does one get hold of him/them)
I wander if a cause could be that the IP-driver version, which is installed in the same folder, is not the latest.

App Broker version: 11.13401
IP Driver version: ver11.0.13185

Hi,

You could try:
diego at softvelocity dot com

Best regards
Jeffrey

Hello,
Thought I would report that after using a Previous version of only the “AppBroker.exe”, the SSL portion has not died once.
Working version: Setup_AppBroker-10.12799

I do not know why.

How did you integrate Quagga.js with Clarion? Do you have a simple example?

Kind Regards,

Hello,
See example.

attached. ClarionBarCodeMobileHTTPExample.zip (78.3 KB)

1 Like

any example to load camera and save photo ???

I know this is an old post, but related.

Does anyone have a batch file to automatically go and fetch SSL certificate from LetsEncrypt and generate a server.pem for use with H5?

I know NetTalk does this with ease…

Trust me to make a mountain out of this. It was easy. :wink:
The steps I used to obtain an SSL (lets-encrypt) and generate a PEM file to work with AppBroker (H5)

Instruction partly extracted from: https://certbot.eff.org/lets-encrypt/windows-webproduct

  1. Download CertBot
    https://dl.eff.org/certbot-beta-installer-win32.exe

  2. Install on the server/workstation that hosts the AppBroker.

  3. Open firewall ports and do a port forwarding (TCP) to port 80 and 443 from the router to the server/workstation.

  4. Make sure the unique DNS name points to your public IP. I.e. myapp.mydomain.co.za (or use a free DynDns to point to your router/hosting partner)

  5. Stop AppBroker service. (CertBot starts a web-service and does some foot work)

  6. Follow steps to obtain the SSL certificate. See Step 5 in the documentation.
    Yes, it will ask for email address and a few other simple questions such the domain/dns name you need the SSL certificate for: myapp.mydomain.co.za

  7. Once done without errors, the SSL keys will be placed in a “linked” file/folder.

  8. Then an elevated CMD command:
    copy “C:\Certbot\archive\myapp.mydomain.co.za\privkey1.pem” + “C:\Certbot\archive\myapp.mydomain.co.za\fullchain1.pem” C:\AppBroker\server.PEM

  9. Start AppBroker

Once CertBot installed, Steps 5 - 9 only need to be repeated every 80 or so days.
In December when this certificate expires I plan to make a complete batch file to automate the process. Then schedule that to run every 80 days. Hope to share it.

Hope this will help someone.

1 Like

It appears that the folder c:\certbot\archive is used to store part(s) of the original/private keys.
Here is the batch file that seems to have worked well.

@echo prep ssl pem file
@echo stopping AppBroker...
net stop "Clarion Application Broker"
@echo starting certbot via powershell.
Powershell.exe -Command "certbot renew"
@echo ready to copy file
Pause
REM: Make a backup of the current one, just in case. 
DEL C:\AppBroker\CEC3old.PEM
Ren C:\AppBroker\CEC3tmp.PEM C:\AppBroker\CEC3old.PEM
Ren C:\AppBroker\CEC3.PEM C:\AppBroker\CEC3tmp.PEM
copy "C:\Certbot\live\myapp.mydomain.co.za\privkey.pem" + "C:\Certbot\live\myapp.mydomain.co.za\fullchain.pem" C:\AppBroker\CEC3.PEM

@echo starting AppBroker...
net start "Clarion Application Broker"
pause

Hope it will be of help.

1 Like

Thank you very much!

Best regards
Jeffrey