Welcome to the Inedo Forums! Check out the Forums Guide for help getting started.
If you are experiencing any issues with the forum software, please visit the Contact Form on our website and let us know!
Otter in https instead of http
-
How can I use inedo otter in https instead of http?
-
This is configured outside of Otter, and is handled by the web server - either IIS (Windows) or nginx (Linux/Docker).
Getting HTTPS on Windows is "relatively easy" - you can use something like WInACME to install a LetsEncrypt certificate, or you can install one issued by your organization. We don't yet have step-by-step documentation on how to do this , but it's something we're writing.
Here is instructions for Linux:
https://docs.inedo.com/docs/https-support-on-linuxIs that helpful? Please let me know :)
Cheers,
Alana
-
Hi Alana,
Thanks for the reply.
I have installed Otter in a windows box, but not using the IIS option.
If it was installed in IIS i could deploy the cert there without a problem, but i don't know how to do it using the native otter webserver.
Could you please advise?
Best Regards,
Marcelo Carvalho
-
In this case, you'll want to switch to IIS hosting:
https://docs.inedo.com/docs/various-iis-switching-to-iisYou may find it easier to uninstall/install as well (note: the database will remain the same, and nothing is deleted).
Cheers,
Alana
-
Thanks for the support, tried doing the manual execution, but the documentation doesn't quite match the installation, so I went with the removal and installation of the sftware to get the website issue sorted.
-
Can you do that step-by-step documentation for enabling HTTPS ASAP? Microsoft released Visual Studio 2022 v17.3 yesterday which includes Nuget v6.3, and with it comes a new compiler warning NU1803, which is thrown when using a Nuget server via HTTP and not HTTPS. Because many of our projects are configured to "Treat Warnings As Errors", it has broken lots of our code. I'm trying to figure out how to enable HTTPS (without going through the trouble of enabling and dealing with IIS), but really can't find anything in the documentation, and just a smattering of loose advice in the forums that's hard to follow. As uptake of this latest update to Visual Studio takes hold, I think you're going to have more and more ProGet users looking for this guide.
Thanks,
-Mike
-
Hi @mike_2282 ,
If you want to use HTTPs, at this time you'll need to use IIS. It's really really easy to configure, which is why we prefer that instead of writing our own management interface for certificates.
Here's our guide for switching to IIS:
https://docs.inedo.com/docs/various-iis-switching-to-iisWe don't have a guide for "enabling HTTPS on IIS", but there's a ton out there.
If you don't have a org certificate, then just use https://www.win-acme.com/
That is a tool that will configure an IIS Site for SSL (using a certificate from LetsEncrypt), and and then created a scheduled task on Windows to renew that certificate every 90 days (i think).
-
Download the latest stable https://www.win-acme.com/ and extract to
c:\win-acme\<file-name>
-> Example: C:\win-acme\win-acme.v2.1.14.996.x64.trimmed -
Run wacs.exe as an admin
-
Run the "Create Certificate" option and select the site(s) to create certificates for; this process will be pretty self-explanatory, and will create scheduled jobs to renew the certificate
-
verify that you can now access your site via HTTPS as you expect
Note that certificates renew every 90 days (i think), so set a reminder to check before your users do.
Cheers,
Alana
-
-
Thanks, I've been giving the switch to IIS a go for the past couple of hours, but am having lots of odd issues. I can't go into them now (going to bed), but one thing of note is that either your IIS guide or installer should include ASP.NET Core Runtime 6.0.x Hosting Bundle. That slowed me down for a bit.
-
Hi @mike_2282,
Thanks for alerting us to this. I'll get that added to our documentation. Please let us know the other issues you find and hopefully we can get those addressed in our documentation also.
Thanks,
Rich
-
I hate to keep noising up this Otter-related thread, but here are my findings...
I finally solved my issues and have some more tips that should be added to your IIS migration documentation now that you've switched from .NET Framework 4.x to .NET 6.
-
I'm not sure if you still need to mention installation of .NET Framework / ASP.NET 4.x stuff via Windows Features anymore (this one is just speculation, as I'm not well versed in IIS and am not sure if any of your codebase still relies on any lingering .NET Framework 4.x bits).
-
After installing the aforementioned Hosting Bundle, my errors then became about SQL Authentication. Errors in the Windows Event Viewer showed that it was attempting to connect to the SQL server as the computer AD account, not a user/service AD account. Following step #4 from Microsoft's "ASP.NET Core 6.0 Publish to IIS Tutorial", I modified the ProGet Application Pool (which your guide gives creation instructions) to modify the "Identity" under "Process Model" in the "Advanced Settings" of the Application Pool. In my case, I changed this to he same AD Service Account that was previously being used to launch the your self-hosted web service
Lastly, in your current IIS guide in steps 2.3 and 2.4, you say to use the SC (Service Control) command using the Command Prompt. By habit, I am now always using PowerShell and did not realize that SC fails silently under PowerShell. Perhaps replace these with PowerShell Commands, or make note that the commands provided do not work under PowerShell. You did say "Command Prompt", which is correct. So, technically it's on me, but who knew that SC would fail silently under PowerShell -- I sure didn't. The PowerShell equivalent commands are "Stop-Service" and "Remove-Service".
Thanks for everything, I feel bad even talking to you all since I'm a freeloading unpaid user. I just hope I've repaid a tiny bit of your kindness with these documentation tips.
-mike
-
-
Hi @mike_2282,
Thank you for the feedback. I have made some changes to the documentation to address most of the issues you have brought up. Thanks again for the feedback!
Thanks,
Rich
