Servoy 2020 Documentation
Child pages
  • Network Related Settings

Versions Compared

Old Version 80

changes.mady.by.user Paul Bakker

Saved on

compared with

New Version 81

changes.mady.by.user Paul Bakker

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

In order to create a secure HTTPS connector a keystore with a signed SSL Certificate is required. The created keystore needs to be added to the Tomcat server installation that is part of the Servoy Application Server, located in ../application_server/server. It's a best practice to place the keystore in the {servoyInstall}/application_server/server/conf/ directory. Note that the same keystore can be used to encrypt the traffic between Smart Clients and the Servoy Application Server. See #SSL SSL Encryption for more details.

...

Additionally, the value of the port attribute needs to be brought in sync with the value of the redirectPort attribute of the standard HTTP connector (or vise versa), as the redirectPort attribute on the HTTP connector is used to redirect HTTP traffic to HTTPS when required, see #Enforcing Enforcing HTTPS for all traffic. The value for the port can be any value. By default the redirectPort number on the HTTP Connector is set to 8443, but any value, including the default HTTPS port 443 is possible.

...

SocketFactory.useSSL: set to true 1
SocketFactory.compress: set to true

SocketFactory.tunnelUseSSLForHttp: set to false if tomcat is configured in https else true, see #SSL SSL Encryption

1: SSL can also be turned off, but for security reasons it is advised to have SSL Encryption turned on when possible.See #SSL SSL Encryption for additional settings.

...

The created keystore needs to be added to the Servoy Application Server installation. Best practice is to place the keystore in the ../application_server/server/conf directory. In this location the keystore is then also available to the Tomcat server underlying the Servoy Application Server and thus the same certificate can also be used for serving HTTPS content (see #Enabling Enabling HTTPS).

After making the keystore available to the Servoy Application Server, the Servoy Application Server needs to be told where the keystore can be found and configured to use it. The relevant settings are exposed under the Network Settings on the Servoy Admin page:

...

Connection mode

Proxy Supported?

Config

Comments

Two-Way Socket

No

N/A

Two-way socket communication cannot be instantiated by the Smart Client inside Java WebStart if Java WebStart is configured to run through a proxy.
The Smart Client will fall back to Direct Connection mode, which might work, as it requires the Servoy Application Server to be able to reach each individual client machine an any random port

HTTP Tunnel

Yes

Not required by default

It's possible to explicitly specify the proxy url, username and password, through #Advanced Advanced HTTP Tunnel configuration

Socket Tunnel

Yes

 

No configuration required

 

 

...