Page 1 of 1

SSL for VRS web server

Posted: Thu Sep 08, 2016 7:47 am
by PenicuikWeather
Hi Guys

I use VRS output within an iframe on my website, which I want to move to SSL.

Can I apply a cert to the VRS web server?

Thanks in advance.

David

Re: SSL for VRS web server

Posted: Sun Sep 18, 2016 11:40 pm
by agw
I'm afraid not. HttpListener, which is what VRS is using, does support SSL but VRS only sets up bindings to http://, not https://.

I'll add an item to the list to take a closer look at adding SSL support.

Re: SSL for VRS web server

Posted: Mon Sep 19, 2016 9:58 am
by PenicuikWeather
Hi

That would be excellent if you could - I want my whole site to be SSL which when some components and pages are not, causes hassle.

THANKS

David

Re: SSL for VRS web server

Posted: Tue Mar 14, 2017 10:53 pm
by Dutchradar
its now 2017, i want to know if it's possible to use HTTPS instead of HTTP.

Kindregards,
Michel Rakhorst
Dutchradar.nl

Re: SSL for VRS web server

Posted: Wed Jun 07, 2017 2:35 pm
by Aardvark
This has actually become something of a critical issue now. I am no longer able to use the "Use GPS location" option in many cases. iOS 10 and the Chrome browser now restrict location services to https:// connections only. Firefox DOES still allow location sharing with non-secure connections so I use that browser on my Windows laptop. Desktop systems I manually set the location since they do not move locations.

Going forward this will become more of an issue and is certainly an issue on iOS devices. Personally I think it should be an optional setting on iOS as you are basically forced to purchase an SSL certificate. But that is neither here nor there since I do not work for Apple. There are free options for certficates but support for them has been lacking on various platforms. I was using StartSSL for a while but they have been blacklisted and no longer work with iOS or other browsers. A real pain.

Re: SSL for VRS web server

Posted: Fri Jun 09, 2017 1:09 am
by agw
I'm currently in the middle of rewriting part of the server component of VRS to make it OWIN compliant. As a part of that I plan on opening up the bindings that the site uses. The next preview will include the OWIN compliance work, but it's still a ways off.

I had noticed the geolocation messages coming out of Chrome. I think for many users it's basically going to mean the end of auto-location for the mobile page. Getting VRS to accept SSL connections is trivial from a programming perspective but acquiring and installing the SSL certificate that HTTP.SYS needs to see in order for it to work, and then renewing it every time it expires, is going to be a challenge for a lot of people.

Re: SSL for VRS web server

Posted: Wed Jan 03, 2018 11:18 pm
by taubin
Hopefully it's okay to ask this, but has there been any progress made towards this? A lot of servers use letsencrypt now, which makes the installation and renewal of certs pretty easy. I'm running VSR on my desktop, behind an nginx proxy with a valid certificate, but I'm unable to view the site itself encrypted.

If it's there and I missed it I sincerely apologize. I checked the preview forum and the latest is from Feb 2017 (before this topic was revisited).

A small suggestion for getting around the issue with people and their certs, maybe put a disclaimer stating the addition and setup of ssl certs are the responsibility of the end user and not directly supported.

Thanks for the program, I love it!

Re: SSL for VRS web server

Posted: Sat Jan 20, 2018 12:58 am
by agw
Not specifically towards SSL certificates, but one of the things that I've been doing with v3 is rewriting the web server side so that instead of my own hand-rolled server the site is an OWIN web application (http://owin.org/) and the standalone web server that ships with VRS will be Microsoft's Katana self-hosting server.

The server rewrite is pretty much finished, the latest preview introduces the Katana and OWIN bits. OWIN will eventually let you host VRS using any web server that has an OWIN interface written for it, although support for that is not yet in place. But, when it's done then if the server supports SSL then you can use SSL with it. The intention is to have support for running VRS under IIS with the release of v3 (some time this year).

Katana isn't that different from using HttpListener directly to implement a web server, which is what I was doing before, so the same problems that existed with using SSL with the old web server still exist with Katana. You will need to configure HTTP.sys to handle the SSL certificate for the site and that is not something most users would be comfortable doing. It'll need something building up around it to handle the configuration side.

I've been using letsencrypt-win-simple (https://github.com/Lone-Coder/letsencrypt-win-simple) for my LetsEncrypt setup on the servers and it's been very good. I think it's IIS-only but I noticed yesterday that they've moved to a plugin architecture, and some of the things that you can mess around with is where the certificate gets stored and what gets configured... so there might be something that could be done with that to adapt it to configuring either v3 or v2.4 of VRS. Maybe.