Fri 22 Jul 2005
A Standalone Web Server Configurator?
Category : Technology/WebConfigStandalone.txt
I'm still not sure I can guarantee near faultless SSH Remote Login set-ups because there seems to be a wide variance in the state of people's machines. For example, WebMon will break if somebody has used SSH Helper to set up SSH before. Now, with WebMon as it currently is, if you can't get past the SSH Connection part, then you can't get at all the other goodies, like WebDAV and SSL.
Like Postfix Enabler before it, WebMon works best with a plain un-customised OS X machine. If you take a freshly installed Mac Mini, say, then Postfix Enabler, DNS Enabler and WebMon will all work fine, out of the box.
The SSH part makes WebMon a little bit more brittle than the other two, which currently only work on the local machine. So I'm mulling over doing a standalone Web Server configurator. (But it's on to DNS Enabler, next.)
However, if WebMon's SSH set-ups really turn out to work OK, as I get feedback from the people using it, then this configuration could prove to be potentially very powerful. For example, one could use WebMon running on a PowerBook to configure (and monitor) any number of different servers. And WebMon will keep all their configurations straight.
So I haven't given up on this, yet.
Posted at 6:24PM UTC | permalink
WebMon 1.1.2 with SSL
Category : Technology/WebMon112.txt
WebMon can now set up PHP, WebDAV, and SSL for a plain Mac OS X machine running Apache via the Personal Web Sharing panel in System Preferences.
This is WebMon 1.1.2 with SSL support.
It'll allow you to serve out encrypted web pages on the alternate Port 443, using the self-signed "test" SSL certificates that it'll help you create. And all with just one click.
If you find that SSL works OK using the test certs, you can proceed to get "real" "live" certs from any of the certification authorities (CA's) using the Generate Certificate Request button. This will generate a block of text called the certificate request that you'll need to send to a CA. WebMon provides the interface for setting the various fields that a CA will require, e.g., the domain name, organisational unit, locality and country code.
The workflow works like this : after you've found yourself comfortable using SSL and things work OK when you type https://yourwebsite.com on your browser rather than plain http, you can check that the data you need to submit to a CA is correct. Then hit the Generate Certificate Request button. The block of text, above, that you see actually contains all the data that you entered into the WebMon fields.
Now you can go to a CA like freessl.com and try out their free one-month live certificate. I encourage you to try it because it's fun and it won't cost you a thing (yet, unless you opt to buy the cert in which case it's actually [Ok, admittedly] quite cheap now compared to a couple of years ago).
When the CA asks you for the Certificate Request (CSR in their parlance), paste the block of text generated by WebMon.
Then follow thru with the CA's procedure. (Freessl's system is really smooth and I think there's a lot any web-based business can learn from them.) At the end of the process, which takes less than 5 minutes, you get your cert, which is another block of text that looks like the CSR.
You copy this block of text, click on WebMon's Save Certificate From CA button, paste it into the field provided, and hit the Save Cert button. Then close the dialog box, make sure Use Test Cert is unchecked (because you're going to use a "live" cert now), and hit the Configure SSL button.
This time, Apache will use the "live" cert. If everything works OK, you can check this via your web browser - that you've got a legal functioning live cert (albeit for a month).
This is the process that I've always wanted to build, ever since I've learnt how to do it all manually. Before, if I didn't do this for a month, I'll need an hour just to figure out all the steps again. Now, it's just like Postfix Enabler - once I've systematised all these steps into just a few clicks, I'm able to clear the space in my brain for a lot more useful other things.
Posted at 1:52PM UTC | permalink