Difference: AppxHTMLClient550 (2 vs. 3)

Revision 32020-05-19 - JoeOrtagus

Line: 1 to 1
 
META TOPICPARENT name="Appx550Installation"

APPX HTML Client 5.5.0

Line: 106 to 104
  2) Extract the Appx Server Connector to a location of your choice. A folder in the /opt directory would be a good choice on a Linux server.
Changed:
<
<		3) Run the appxConnector-install.js script. This should also be run as 'root' on Linux/Unix systems, or as an Administrator on Windows systems. This will check your system for the required modules. To run the script, open a terminal or DOS window and navigate to the folder where you installed the Appx Server Connector, then invoke the installation scripts via 'node':
>
>		3) Configuration will occur via modification to three files ( four I guess, but mostly three ). The three files are appx-client-settings.js (found in webhost.zip bundle), appxConnector.js, and appxMongoConnector.js (both found in serverConnector.zip bundle). A forth one is index.html/client.html if you modify those - I don't recommend it. And now that I think about it, you could go crazy and include a fifth --> the css file(s).

Encryption configuration occurs in all three of those .js files. There is coordination required among the parameters, flipping one parameter requires modification of another parameter at times.

Here are a few of the parameters from those three files that users may sometimes encounter a configuration error.

  • appx-client-settings.js
    • metas["appx-encryption"]["value"] = "aes"; //** Encryption type to use, valid values are "aes", "ssl", or "none". SSL is most secure, none is least secure.
    • metas["appx-proxy-path"]["value"] = "/appxws/"; //** If you have configured a reverse proxy, enter the value that triggers the reverse proxy. Typical values are /appxws/ for Non SSL proxies, and /appxwss/ for SSL**/
    • metas["appx-proxy-port"]["value"] = "3014"; //** The port number that the proxy is accessible to the user on, typically 80 in SSL configuration or 443 for SSL configurations. If you are not reverse proxying **/
    • metas["appx-mongo-port"]["value"] = "3015"; //** The port number that the proxy is accessible to the user on, typically 80 in SSL configuration or 443 for SSL configurations. If you are not reverse proxying your **/
  • appxConnector.js

    • const sslEnabled = true; // Are we using SSL for our connections?

    • const cryptoEnabled = false; // Are we using Crypto to encrypt traffic? Must be off if SSL is on

    • const useoldsocket = true; // If set to true, the non SSL capable APPX engine socket and logic are used

    • const appxLocalConnectorCert= null; // If local connector needs certificate authority point to it here

  • appxMongConnector.js

    • const sslEnabled = true; // Are we using SSL for our connections?


Here are a few common scenarios and their values.

I want no reverse proxy, no encryption at all. ( Just a very simple configuration )

  • appx-client-settings.js
    • metas["appx-encryption"]["value"] = "none"; //** Encryption type to use, valid values are "aes", "ssl", or "none". SSL is most secure, none is least secure.
    • // metas["appx-proxy-path"]["value"] = "/appxws/"; //** If you have configured a reverse proxy, enter the value that triggers the reverse proxy. Typical values are /appxws/ for Non SSL proxies, and /appxwss/ for SSL**/
    • metas["appx-proxy-port"]["value"] = "3014"; //** The port number that the proxy is accessible to the user on, typically 80 in SSL configuration or 443 for SSL configurations. If you are not reverse proxying **/
    • metas["appx-mongo-port"]["value"] = "3015"; //** The port number that the proxy is accessible to the user on, typically 80 in SSL configuration or 443 for SSL configurations. If you are not reverse proxying your **/
  • appxConnector.js

    • const sslEnabled = false; // Are we using SSL for our connections?

    • const cryptoEnabled = false; // Are we using Crypto to encrypt traffic? Must be off if SSL is on

    • const useoldsocket = true; // If set to true, the non SSL capable APPX engine socket and logic are used

    • const appxLocalConnectorCert= null; // If local connector needs certificate authority point to it here

  • appxMongConnector.js

    • const sslEnabled = false; // Are we using SSL for our connections?

I want no reverse proxy, AES encryption ( Don't want hassle of reverse proxy configuration. I want encryption, but don't want the hassle of SSL certificates )

  • appx-client-settings.js
    • metas["appx-encryption"]["value"] = "aes"; //** Encryption type to use, valid values are "aes", "ssl", or "none". SSL is most secure, none is least secure.
    • // metas["appx-proxy-path"]["value"] = "/appxws/"; //** If you have configured a reverse proxy, enter the value that triggers the reverse proxy. Typical values are /appxws/ for Non SSL proxies, and /appxwss/ for SSL**/
    • metas["appx-proxy-port"]["value"] = "3014"; //** The port number that the proxy is accessible to the user on, typically 80 in SSL configuration or 443 for SSL configurations. If you are not reverse proxying **/
    • metas["appx-mongo-port"]["value"] = "3015"; //** The port number that the proxy is accessible to the user on, typically 80 in SSL configuration or 443 for SSL configurations. If you are not reverse proxying your **/
  • appxConnector.js

    • const sslEnabled = false; // Are we using SSL for our connections?

    • const cryptoEnabled = true; // Are we using Crypto to encrypt traffic? Must be off if SSL is on

    • const useoldsocket = true; // If set to true, the non SSL capable APPX engine socket and logic are used

    • const appxLocalConnectorCert= null; // If local connector needs certificate authority point to it here

  • appxMongConnector.js

    • const sslEnabled = false; // Are we using SSL for our connections?

I want no reverse proxy, SSL encryption ( Don't want hassle of reverse proxy configuration, but want the best encryption )

  • appx-client-settings.js
    • metas["appx-encryption"]["value"] = "ssl"; //** Encryption type to use, valid values are "aes", "ssl", or "none". SSL is most secure, none is least secure.
    • // metas["appx-proxy-path"]["value"] = "/appxws/"; //** If you have configured a reverse proxy, enter the value that triggers the reverse proxy. Typical values are /appxws/ for Non SSL proxies, and /appxwss/ for SSL**/
    • metas["appx-proxy-port"]["value"] = "3014"; //** The port number that the proxy is accessible to the user on, typically 80 in SSL configuration or 443 for SSL configurations. If you are not reverse proxying **/
    • metas["appx-mongo-port"]["value"] = "3015"; //** The port number that the proxy is accessible to the user on, typically 80 in SSL configuration or 443 for SSL configurations. If you are not reverse proxying your **/
  • appxConnector.js

    • const sslEnabled = true; // Are we using SSL for our connections?

    • const cryptoEnabled = false; // Are we using Crypto to encrypt traffic? Must be off if SSL is on

    • const useoldsocket = true; // If set to true, the non SSL capable APPX engine socket and logic are used

    • const appxLocalConnectorCert= null; // If local connector needs certificate authority point to it here

  • appxMongConnector.js

    • const sslEnabled = true; // Are we using SSL for our connections?

I want a reverse proxy, no encryption al all. ( I want a Reverse Proxy because a reverse proxy often allows for a simpler firewall ruleset. Unfortunately, a reverse proxy requires configuration in your web server - Apache, Nginx, IIS. Keepin it simple regarding encryption. )

  • appx-client-settings.js
    • metas["appx-encryption"]["value"] = "none"; //** Encryption type to use, valid values are "aes", "ssl", or "none". SSL is most secure, none is least secure.
    • metas["appx-proxy-path"]["value"] = "/appxws/"; //** If you have configured a reverse proxy, enter the value that triggers the reverse proxy. Typical values are /appxws/ for Non SSL proxies, and /appxwss/ for SSL**/
    • metas["appx-proxy-port"]["value"] = "80"; //** The port number that the proxy is accessible to the user on, typically 80 in SSL configuration or 443 for SSL configurations. If you are not reverse proxying **/
    • metas["appx-mongo-port"]["value"] = "80"; //** The port number that the proxy is accessible to the user on, typically 80 in SSL configuration or 443 for SSL configurations. If you are not reverse proxying your **/
  • appxConnector.js

    • const sslEnabled = false; // Are we using SSL for our connections?

    • const cryptoEnabled = false; // Are we using Crypto to encrypt traffic? Must be off if SSL is on

    • const useoldsocket = true; // If set to true, the non SSL capable APPX engine socket and logic are used

    • const appxLocalConnectorCert= null; // If local connector needs certificate authority point to it here

  • appxMongConnector.js

    • const sslEnabled = false; // Are we using SSL for our connections?

I want reverse proxy, AES encryption( I want a Reverse Proxy because a reverse proxy often allows for a simpler firewall ruleset. Unfortunately, a reverse proxy requires configuration in your web server - Apache, Nginx, IIS. I want encryption, but don't want SSL certificate hassle )

  • appx-client-settings.js
    • metas["appx-encryption"]["value"] = "aes"; //** Encryption type to use, valid values are "aes", "ssl", or "none". SSL is most secure, none is least secure.
    • metas["appx-proxy-path"]["value"] = "/appxws/"; //** If you have configured a reverse proxy, enter the value that triggers the reverse proxy. Typical values are /appxws/ for Non SSL proxies, and /appxwss/ for SSL**/
    • metas["appx-proxy-port"]["value"] = "80"; //** The port number that the proxy is accessible to the user on, typically 80 in SSL configuration or 443 for SSL configurations. If you are not reverse proxying **/
    • metas["appx-mongo-port"]["value"] = "80"; //** The port number that the proxy is accessible to the user on, typically 80 in SSL configuration or 443 for SSL configurations. If you are not reverse proxying your **/
  • appxConnector.js

    • const sslEnabled = false; // Are we using SSL for our connections?

    • const cryptoEnabled = true; // Are we using Crypto to encrypt traffic? Must be off if SSL is on

    • const useoldsocket = true; // If set to true, the non SSL capable APPX engine socket and logic are used

    • const appxLocalConnectorCert= null; // If local connector needs certificate authority point to it here

  • appxMongConnector.js

    • const sslEnabled = false; // Are we using SSL for our connections?

I want reverse proxy, SSL encryption ( I want a Reverse Proxy because a reverse proxy often allows for a simpler firewall ruleset. Unfortunately, a reverse proxy requires configuration in your web server - Apache, Nginx, IIS. I also want the bese encryption possible )

  • appx-client-settings.js
    • metas["appx-encryption"]["value"] = "ssl"; //** Encryption type to use, valid values are "aes", "ssl", or "none". SSL is most secure, none is least secure.
    • metas["appx-proxy-path"]["value"] = "/appxwss/"; //** If you have configured a reverse proxy, enter the value that triggers the reverse proxy. Typical values are /appxws/ for Non SSL proxies, and /appxwss/ for SSL**/
    • metas["appx-proxy-port"]["value"] = "443"; //** The port number that the proxy is accessible to the user on, typically 80 in SSL configuration or 443 for SSL configurations. If you are not reverse proxying **/
    • metas["appx-mongo-port"]["value"] = "443"; //** The port number that the proxy is accessible to the user on, typically 80 in SSL configuration or 443 for SSL configurations. If you are not reverse proxying your **/
  • appxConnector.js

    • const sslEnabled = true; // Are we using SSL for our connections?

    • const cryptoEnabled = false; // Are we using Crypto to encrypt traffic? Must be off if SSL is on

    • const useoldsocket = true; // If set to true, the non SSL capable APPX engine socket and logic are used

    • const appxLocalConnectorCert= null; // If local connector needs certificate authority point to it here

  • appxMongConnector.js

    • const sslEnabled = true; // Are we using SSL for our connections?

Parameters I didn't really dive into, but are worth mentioning. appxLocalConnectorCert is used if you have your own organizational certificate authority. useoldsocket is used if you enabled mandatory SSL logins with your appxLoginMgr and your appxLoginMgr is <5.5.0. If you are in a 5.5.0 environment, useoldsocket should probably be set to false.

 
Added:
>
>		4) Run the appxConnector-install.js script. This should also be run as 'root' on Linux/Unix systems, or as an Administrator on Windows systems. This will check your system for the required modules. To run the script, open a terminal or DOS window and navigate to the folder where you installed the Appx Server Connector, then invoke the installation scripts via 'node':
 
[root@localhost ~]# cd /opt/appxConnector
[root@localhost ~]# npm install
<serveral node packages will be downloaded and installed> 

[root@localhost appxConnector545]# node appxConnector-install.js
Checking for required modules...
 No arguments received, using default settings for install
 Module: crypto - Installed.
 Module: fs - Installed.
 Module: hexy - Installed.
 Module: http - Installed.
 Module: https - Installed.
 Module: mime - Installed.
 Module: mongodb - Installed.
 Module: net - Installed.
 Module: node-cryptojs-aes - Installed.
 Module: string - Installed.
 Module: string_decoder - Installed.
 Module: url - Installed.
 Module: ws - Installed.
 
 Using default mode: systemd
 Installing service on /etc/systemd/system/appxconnector.service
 Running systemctl daemon-reload...
 Installing appxConnector3014 service...
 Done... Waiting on service to start...
 Running systemctl start appxconnector...
 Service appxConnector3014 started
 Using default mode: systemd
 Installing service on /etc/systemd/system/appxmongoconnector.service
 Running systemctl daemon-reload...
 Installing appxMongoConnector3015 service...
 Done... Waiting on service to start...
 Running systemctl start appxmongoconnector...
 Service appxMongoConnector3015 started
Changed:
<
<		4) Confirm the service is running. In Linux/Unix you can use 'ps -ef|grep appx', and in Windows you can use the 'Services' control panel.
>
>		5) Confirm the service is running. In Linux/Unix you can use 'ps -ef|grep appx', and in Windows you can use the 'Services' control panel.
  Assuming the web server to which we installed the client is 192.168.0.15, and that we installed everything into an 'appx' folder on the web server, then we should be able to get a client login dialog box via:
View topic | History: r19 < r18 < r17 < r16 | More topic actions...
 
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2024 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback