stevenroose · June 4, 2021 06:25 · Nov 29, 2014 · Nov 29, 2014 · Nov 29, 2014
diff --git a/setup_ssl.txt b/setup_ssl.txt
@@ -32,4 +32,6 @@ openssl pkcs12 -export -out my_domain.p12 -inkey my_domain.key -in my_domain.crt
 # add the key to the database
 pk12util -i my_domain.p12 -d sql:.
 
+# put the 2 .db files into the bin/ folder of the Dart server project
+
 # celebrate
diff --git a/setup_ssl.txt b/setup_ssl.txt
@@ -26,11 +26,6 @@ certutil -d sql:./ -A -t "P,," -n my_domain -i my_domain.crt
 # with this config, the server (its a primitive Dart server) gives this error:
 # > Cannot find private key for certificate
 
-# ----------
-# so I tried to add the certificate as suggested by
-#  Eric Darchis    (http://stackoverflow.com/a/27176982/749521) and
-#  Andrew Schulman (http://serverfault.com/a/647708/125529)
-
 # convert the private key to a pkcs12 key (thanks to Eric Darchis, http://stackoverflow.com/a/27176982/749521)
 openssl pkcs12 -export -out my_domain.p12 -inkey my_domain.key -in my_domain.crt -certfile COMODORSADomainValidationSecureServerCA.crt
 

diff --git a/enable_ssl.dart b/enable_ssl.dart
@@ -0,0 +1,19 @@
+
+void enableSSL() {
+  // the password used for the certutil db
+  var sslPassword = ""; 
+
+  // the certificate subject
+  //  retrieved from certutil with command 
+  //   > certutil -d sql:. -L -n my_domain
+  //   and look for the "Subject: " line under certificate data
+  var certificateName = "CN=mydomain.com,OU=...";
+
+  // init 
+  SecureSocket.initialize(database: ".", password: sslPassword);
+
+  // bind
+  HttpServer.bindSecure(host, sslPort, certificateName: certificateName).then((server) {
+    // ...
+  });
+}
diff --git a/setup_ssl.txt b/setup_ssl.txt
@@ -0,0 +1,40 @@
+
+# generate new private key
+openssl req -out my_domain.csr -new -newkey rsa:2048 -nodes -keyout my_domain.key
+
+# send the CSR to the SSL provider to issue a certificate
+# files received from SSL provider:
+#  - AddTrustExternalCARoot.crt
+#  - COMODORSAAddTrustCA.crt
+#  - COMODORSADomainValidationSecureServerCA.crt
+#  - my_domain.crt
+
+# create a new database
+certutil -d sql:. -N
+
+# add the root certificate (from SSL provider)
+certutil -d sql:./ -A -t "C,," -n AddTrustExternalCARoot -i AddTrustExternalCARoot.crt
+
+# add intermediate vertificates (from SSL provider)
+certutil -d sql:./ -A -t ",," -n COMODORSAAddTrustCA -i COMODORSAAddTrustCA.crt
+certutil -d sql:./ -A -t ",," -n COMODORSADomainValidationSecureServerCA -i COMODORSADomainValidationSecureServerCA.crt
+
+# add my domain certificate (from SSL provider)
+certutil -d sql:./ -A -t "P,," -n my_domain -i my_domain.crt
+
+
+# with this config, the server (its a primitive Dart server) gives this error:
+# > Cannot find private key for certificate
+
+# ----------
+# so I tried to add the certificate as suggested by
+#  Eric Darchis    (http://stackoverflow.com/a/27176982/749521) and
+#  Andrew Schulman (http://serverfault.com/a/647708/125529)
+
+# convert the private key to a pkcs12 key (thanks to Eric Darchis, http://stackoverflow.com/a/27176982/749521)
+openssl pkcs12 -export -out my_domain.p12 -inkey my_domain.key -in my_domain.crt -certfile COMODORSADomainValidationSecureServerCA.crt
+
+# add the key to the database
+pk12util -i my_domain.p12 -d sql:.
+
+# celebrate
No results found