Installing the web server
To install the web server, proceed as follows:
- Open the address of the web server in your web browser
The following browsers are supported:
- Mozilla Firefox (version 32.0.0 onwards)
- Google Chrome (version 37.0.0 onwards)
- Microsoft Internet Explorer (version 10 onwards)
When you load the web server for the first time, you need to have set up the following:
HTTPS communication uses its own versiondog certificate: server.pm. Some browsers recognise this certificate as not trusted and display a warning. You have the following options to continue with the opening:
- Such warnings can simply be ignored in most cases (Refer to link at the end of the page) If you decided to do this, ensure that the warning will always be bypassed every time.
- The certificate can be deemed to be trustworthy. This is of particular advantage for test purposes. This step is to be done for every device manually. This is therefore different for every device. Please keep in mind the security risks that this act can entail.
- The versiondog certificate can be replaced by your own certificate. This is the costliest and securest option.
The AUVESY certificate can be found in the installation folder of the server under the path ...\Resources\cert.
Requirements for own certificates
A certificate signing request (CSR) will be required. You can obtain the necessary information from the respective certification authority. Thereupon you will receive the certificate.
We ourselves neither issue nor countersign such certification.
Certificates have to be provided in PEM format. To check whether a certificate is available in this format, open the file in a text editor (e.g. Notepad) The file needs to contain the following rows:
[A few signs]
-----BEGIN RSA PRIVATE KEY-----
[ Many signs]
-----END RSA PRIVATE KEY-----
The number of hyphens has a meaning. This is therefore not allowed to be changed.
The certificate in PEM format can also consist of two files, a file with BEGIN CERTIFICATE and END CERTIFICATE and two files with BEGIN RSA PRIVATE KEY and END RSA PRIVATE KEY.
In the case that the BEGIN CERTIFICATE as well as BEGIN RSA PRIVATE KEY rows are present in the document, it consists of a combination of certificate and key in a file. The respective values of the INI file have to be refered to in this file. Refer to Example configuration in making changes in the file Config.ini
Making changes in the file Config.ini
To use another certificate, you need to modify the Config.ini file. Your Config.ini file needs to include the path to the certificate, the private key and the corresponding dh2236.pem-file. (In the case of file dh2236.pem, it concerns a Diffie-Hellmann Parameter,which is used in cryptography.)
You can find the Config.ini file in your server archive under the path ...\VD$A\WebServer.
After replacing the certificate, the web server needs to be deactivated then reactivated.
FAQ:: The web server is set up with the versiondog certificate. Why can't versiondog MobileApp be used on my iOS-smartphone?
The versiondog certificate is a self-signed, and therefore from Apple's point of view an untrusted certificate. To use it, the certificate must be added to the iOS device.
The easiest way to do this would be:
For more information, please contact Apple support.
Solving problems when setting up the web server
If you cannot reach the web server, this can have a variety of causes. Verify the following:
- Are the ports unlocked?
In the case the firewall has blocked the ports, enable them. The default port for HTTP is 80, the default port for HTTPS is 443.
- Start the AdminClient and open the module Global settings.
- Click on the Webserver button and change the port number for HTTP and HTTPS in the Port field.
- Confirm by clicking on OK.
- Are you running the versionsdog server from a different web server (Apache, Nginx etc.) that is blocking the ports?
If yes, then switch to other ports.
- Does the user have the required rights needed in order to start the web server?
If not, please contact your versiondog administrator.
- Are the processes VDogWebServer.exe and VDogReportingServer.exe running?
Use the Windows Task Manager to check if the processes are running. If this isn't the case, restart VDogMasterService.
- Are you using private keys?
If so, make sure that these are not password protected. The use of password protected private keys with the web server is not supported by versiondog. The field for entering the password will not appear and as such it is not possible to start the web server. When exporting private keys, please be aware that they exported without password protection, otherwise it is not possible to use the web server.
Support for password protected private keys for future versiondog Versions is being considered!
- Are you using Microsoft Internet Explorer and experiencing problems when you try to display the web server?
If so, deactivate the compatibility view. In Internet Explorer 11, for example, proceed as follows:
- Open Internet Explorer, click on Extras and then Compatibility View Settings.
- Under Websites you've added to Compatibility View: select a web server entry, click on Remove and then deactivate the check box Display Internet sites in compatibility mode.
FAQ:: The versiondog web server will not open. What could the potential problem be and how can this be solved?
If a webserver is already active on the computer on which the versiondog web server is installed, you will no loner be able to start the versiondog web server. The cause of this is that ports 80 (HTTP) and 443 (HTTPS) are used as standard for every web server and a port can only ever be used for a single application.
If it all possible, both system should be kept seperate, and if possible, on two different servers (virtual or real) with different IP addresses.
If variant 1 is not possible, you will to ensure that one of the two servers that it uses different ports. This however brings the disadvantage that the port number needs to attached to the adress with a colon when you access this webserver via the browser. (This is not necessary with standard ports)
Proceed as follows:
The path to your web server may contain special characters (= non ASCII characters). A possible solution is the following: Uninstall versiondog and reinstall versiondog with the existing server archive (archives are never deleted when you uninstall versiondog). Select a path without special characters for the new installation. Set up the WebClient again and call it up in the browser.
If you have tried all scenarios listed above but still continue to experience problems with the web server, please contact support and send in the files in the directory: vdServerArchive/VD$A/Webserver.
Encryption processes that are not purported by versiondog
The encryption is carried out using open SSL. OpenSSL is a free available implementation of the encryption protocols SSL and TLS based on Open Source Software. The OpenSSL Library utilises various tools and is written in C programming language. It is widespread on web servers.
The following SSL Ciphers in versiondog are deactivated by default:
- Certificates based on RC4
- Key size smaller than 128 Bit
AUVESY recommends to leave this default as unchanged and possibly to expand as unsafe unclassified SSL Ciphers when appropriate. SSL Ciphers mentioned in this section can however be reactivated. (Not recommended), refer to FAQ.
FAQ::How do you activate/deactivate SSL Ciphers in the Web Server?
SSL Ciphers can be deactivated/ activated in the Web Server's configuration file. The file is located on the versiondog server in the path
In this example, all SSL Ciphers are allowed (default), except for EDH-RSA-DES-CBC-SHA, DES-CBC-SHA, every type of RC4 Cipher, SEED and IDEA. All banned SSL Ciphers have to be entered in this row via the Syntax! <Name> and separated using a double colon. A complete list of all available Ciphers can be found on the following link: https://www.openssl.org/docs/man1.0.2/apps/ciphers.html.