Steps to Create a Security Certificate
WSS requires that the browser has a root certificate of authority (CA)
to communicate securely to another (server) process which uses a server
side certificate compatible with the CA. The following is an example on
how to create the certificates using OpenSSL.
Apple's Safari is moving to a 398 day certificate expiration policy
effective September 1, 2020. Any two-year certificates created before
August 31st will still work until their issued expiration date.OpenSSL Windows Example:
OpenSSLBatchScript.zip->createWindowsCertificate.bat
Ensure
to set the path to the openssl.cnf within the
createWindowsCertificate.bat file before running.
An example can be
found commented in the createWindowsCertificate.bat.
Windows Open SSL binaries:
OpenSSL OSX Example:
OpenSSLBatchScript.zip->createfilesMac.sh
OpenSSL is installed on Mac by default
To merge and simplify the instructions for Windows workstations in both the .bat file and the sbulletsupport topics:
1. Download OpenSSL
The following link should have what you need. You need to select
==> https://slproweb.com/products/Win32OpenSSL.html
Assuming you are on a 64-bit machine, the option "Windows64 OpenSSL v3.0.0" in the list, should be what you download (https://slproweb.com/download/Win64OpenSSL-3_0_0.exe)
2. Once you download, please follow the instructions and install the binaries on your machine.
3. Once everything is installed, create a new directory at a convenient place. Copy and paste the following files from following locations into this newly created directory:
==> From the OpenSSLCreateCertMacWin folder that you downloaded and extracted from sbulletsupport website
- CreateWindowsCertificate.bat
-v3.ext
==> From the C:\Program Files\OpenSSL-Win64\bin (unless you installed the open SSL at a different location)
-openSSL.exe
4. If you do have an existing configuration file for creating OpenSSL certificates, pls provide access to that in the .bat file (right click and edit the .bat file and set the OPENSSLCONFIG= option to point to the right location)
If you DO NOT HAVE one, the batch file will create one for you during execution (Command Prompt). You will be prompted to input the necessary information:
Per comments in the .bat file:
==> Common Name (CN) specified in this step should be 127.0.0.1, or the CN must match the wss address used by the app.
Example:
Country Name: US
State: Florida
Locality: Pensacola
Organization: Example Company
Unit Name: EC
Common Name: 127.0.0.1
Email: support@examplecompany.com
==> you can just press enter and skip for "extra" attributes
1. Download OpenSSL
The following link should have what you need. You need to select
==> https://slproweb.com/products/Win32OpenSSL.html
Assuming you are on a 64-bit machine, the option "Windows64 OpenSSL v3.0.0" in the list, should be what you download (https://slproweb.com/download/Win64OpenSSL-3_0_0.exe)
2. Once you download, please follow the instructions and install the binaries on your machine.
3. Once everything is installed, create a new directory at a convenient place. Copy and paste the following files from following locations into this newly created directory:
==> From the OpenSSLCreateCertMacWin folder that you downloaded and extracted from sbulletsupport website
- CreateWindowsCertificate.bat
-v3.ext
==> From the C:\Program Files\OpenSSL-Win64\bin (unless you installed the open SSL at a different location)
-openSSL.exe
4. If you do have an existing configuration file for creating OpenSSL certificates, pls provide access to that in the .bat file (right click and edit the .bat file and set the OPENSSLCONFIG= option to point to the right location)
If you DO NOT HAVE one, the batch file will create one for you during execution (Command Prompt). You will be prompted to input the necessary information:
Per comments in the .bat file:
==> Common Name (CN) specified in this step should be 127.0.0.1, or the CN must match the wss address used by the app.
Example:
Country Name: US
State: Florida
Locality: Pensacola
Organization: Example Company
Unit Name: EC
Common Name: 127.0.0.1
Email: support@examplecompany.com
==> you can just press enter and skip for "extra" attributes
We highly recommend that you use a configuration file for ease of use. Not using one will require you to input the required values twice, once for each openssl command.
5. Double check to make sure you have all three files needed in the same directory (createWindowsCertificate.bat,v3.ext,openssl.exe) and run the .bat file in command prompt like (createWindowsCertificate.bat) and follow/fill out the attributes.
All necessary certificates will be created.
Once created, all you need to do is to make sure the certificates files are in the same directory as the Ranger Remote installer, and during Ranger Remote installation you choose the wss install option.
5. Double check to make sure you have all three files needed in the same directory (createWindowsCertificate.bat,v3.ext,openssl.exe) and run the .bat file in command prompt like (createWindowsCertificate.bat) and follow/fill out the attributes.
All necessary certificates will be created.
Once created, all you need to do is to make sure the certificates files are in the same directory as the Ranger Remote installer, and during Ranger Remote installation you choose the wss install option.
Copyright © 2023 Silver Bullet Technology
www.sbullet.com
www.sbullet.com
Related Articles
Silver Bullet Signed Certificate Policy
Silver Bullet Technology, Inc. has the ability to use Web Socket Secure (WSS) communications with its Ranger Remote client/server platform. This security layer requires the use of signed certificates to create this secure connection. For the security ...What Are the Steps to Resolve a Missing Windows DLL?
If you receive the above dialog when attempting to run RangerFlex, the steps to resolve this issue are as follows: How Do I Uninstall All Ranger Components? Unplug the device from the computer Uninstall all Ranger Components Update Windows. This can ...Should I create a new project or use the sample plug-in code?
We recommend that you create a new plug-in project and copy in the code that you need from our sample projects. Ranger® - The universal check scanner interface Copyright © 2023 Silver Bullet Technology www.sbullet.comHow do I use NSIS to create an installer for my plug-in?
The plug-in SDK page on sbullet.com now contains a link to a zip file containing all essential installers for NSIS. The zip file contains simple instructions, an NSIS installer from the NSIS website, and valuable includes libraries for your NSIS ...What is the plug-in certification process?
Since our certification process is evolving, we will not charge you for the first certification. There are the high-level certification steps: Send us a scanner to test with. Email us your plug-in some source code and TransportInfo.ini and ...