How to start a web server with Suave using HTTPS protocol? - f#

I have read the Suave document but still cannot start a Suave web server using HTTPS protocol.
Can someone help me on this? It would be great if sample code is provided.

You can create an HTTPS binding like this:
let cert = new X509Certificate2("certificate.p12","easy")
let ssl = HttpBinding.createSimple (HTTPS cert) "127.0.0.1" 8443
The certificate needs to be in PKCS format.

Related

Communication between a http server and https server will be secured?

I am trying to implement an HTTP server inside an iOS app. I could see similar apps in the app store. But in my case, embedded HTTP server has to communicate with external HTTPS Server. So now,
is the communication secured? Or do I need to implement HTTPS server, instead?
Is it possible to implement an HTTPS server in iOS app?
Will Apple reject this approach?
Thanks in Advance
I'm assuming that you use the internal HTTP server to provide interceped content for a WKWebView. I this case you web view connects to the HTTP server over HTTP and this connection is insecure. But generally this shouldn't be an issue because nobody can intercept the connection. You HTTP server connects to the internet over HTTPS, and this should be done because this connection could be compromised.
Don't be confused about the different protocols. If you call a HTTPS-URL NSURLSession will use HTTPS and use a secured connection. There is no pitfall or issue. You needn't to support HTTPS for the web view to server connection. This will give you not more notable security.
I use a similar setup in my application and it works perfectly.
BTW: In iOS 11 you may use WKURLSchemeHandler to intercept web view requests. This should be much easier than a local HTTP server. The disadvantage is, that you have to define a custom protocol (e.g. xhttp instead of http), and rewrite the URLs in the web content. But this should be much easier to achieve than a local HTTP server.

How i can use cer with private key or ( PKCS#12 ) for connect with special server

I have a certificate file(cer) sent in response to my request for a certificate and my private key . How can I use it for authentication and encryption for the connection. If I do not have , you can add to it. Sorry if this is a stupid question . I want to understand the principle . Language is not important , but if it is important I use ruby
If HTTPS is an option, you can get both server and client authentication.
There are a lot libraries for this just check httpclient gem:
# Configuring OpenSSL options. See HTTPClient::SSLConfig for more details.
user_cert_file = 'cert.pem'
user_key_file = 'privkey.pem'
clnt.ssl_config.set_client_cert_file(user_cert_file, user_key_file)
clnt.get_content(https_url)
and this topic HTTP library for Ruby with HTTPS, SSL Client Certificate and Keep-Alive support?

Sharing encrypted data between JavaScript and WebServer

I have a Rails WebServer based on REST API
I have a AngularJS app, which connects to this WebServer
What is the best way to encrypt login and password on client side and decrypt these credentials on server side?
If you are using RSA you have to have keys in the browser. The keys can't get to the browser unless they go over the unsecured HTTP connection. If an attacker has the keys by sniffing the HTTP connection, and the algorithm from your javascript code, you aren't protecting anything since decrypting your traffic becomes trivial.
I suggest putting an nginx proxy in front of your web server. You can configure nginx to do the TLS handshake, and you can get a Comodo SSL certificate for less than $15 a year. I've done this myself in front of a Python server and truly, that's all it cost.
I've just decided to use http://travistidwell.com/jsencrypt/index.html in way when I store public server key on client side and private server key on server side.
JS client encrypts all messages that are send to server.
The best way, as mentioned by Geoff Genz, is to secure your web server with HTTPS and ensuring that your login action only accepts requests through HTTPS. Configure your angular app to make requests to the HTTPS URL of your login action and all encryption will be taken care of seamlessly. You won't have to worry about manually encrypting the data clientside and then decrypting serverside. All of this will be handled by the TLS protocol which make HTTPS work.

How do i know if my data is really been transmitted using SSL on Heroku?

Here is my cenario:
I have an Rails app on Heroku and i'm forcing it to use HTTPS (Using this tutorial: http://simonecarletti.com/blog/2011/05/configuring-rails-3-https-ssl/) .
I created a POST form, and its the action is "/my-action"
How do i know if my data is really been transmitted using SSL ? I mean, the form action shouldn't "https://mywebsite.herokuapp.com/my-action" ?
Some considerations:
* I'm using the free heroku SSL (https://myapp.herokuaapp.com )
* This app is not using the heroku SSL endpoint addon
Thanks
if you have valid ssl certificate and encryption key, then you only your data is accepted via ssl. Simply redirecting your website to use https protocol doesn't encrypt your data flow. And, this is what you were doing it. Right now, you are using heroku which does provide free SSL service if you use its domain.
So, if your website can be accessible via https://myapp.herokuapp.com and browser isn't giving any warning..then you are using SSL service.
This isn't applied if for custom domains. Your custom domain will still be accessible with https://www.example.com but it it SSL enabled.

Does iOS send HTTPS requests through the HTTP proxy?

I am trying to write up an HTTP proxy server in node.js, and I have successfully managed to route unsecure HTTP connections through it. But when applications (on my iOS device) use HTTPS for APIs 'n such, it always throws an error, and the attempted HTTPS connection never hits the server. So there are a few explanations of what could possibly be happening:
iOS chooses not to send HTTPS connections over the proxy for security reasons
iOS is looking for an HTTPS connection at the server on a different port, but can't find one
Basically what I am asking is: What does iOS do with HTTPS connections when an HTTP proxy is configured?
Please ask for any details or further questions in the comments. Thanks.

Resources