NetTalk Central

Author Topic: "Importing into the Windows Certificate Store"  (Read 2968 times)

Richard I

"Importing into the Windows Certificate Store"
« on: June 03, 2019, 05:05:45 PM »
Hi Bruce,
In the post you kindly sent yesterday, you included a link to the docs, and I refer to the troubleshooting link, specifically.


"Importing into the Windows Certificate Store
NetTalk servers use the certificates from the certificates folder. Other servers on the machine may take their certificates directly from the Windows Certificate Store.

The certificates retrieved from LetsEncrypt will work on any server. Indeed a NetTalk server could fetch the certificates, and not actually serve any of the domains.

These two facts taken together are intriguing, and the benefits of automatically placing the certificates in the Windows Store are appealing. Since Cryptonite has the facility to import certificates into the store, if you add Cryptonite to the application then you can add a button to the settings tab which contains the following code;

s_web.acme.SetDomains(set:Domains)
s_web.acme.ImportAllPFX()

When the button is pressed all the certificates for the domains will be repackaged and imported into the Windows store."


This appeals but for me needs clarification,

I thought that certificates created were unique to the extension settings?
and if deploying this what would be populated in the extension template if the one certificate was being used over several subdomains?
Also, if I may,
I am wanting to use Amazon servers to host more than one iteration of my app for different clients.
Amazon only seems to allow one HTTPS 443 port.
How would I get round that?
Can you elucidate?

Cheers
Richard


Bruce

Re: "Importing into the Windows Certificate Store"
« Reply #1 on: June 03, 2019, 11:37:07 PM »
Hi Richard,

>> This appeals but for me needs clarification,

Because you are running another web server on the same machine, one which takes its certificates from the Windows certificate store?

>> I thought that certificates created were unique to the extension settings?

I'm not sure what you mean by "extension settings" here.
The only "unique" thing about a certificate is the domain name inside it. (Which comes from the domains list on the settings window at runtime.)

>> if the one certificate was being used over several subdomains?

We don't create one certificate with several subdomains. Rather, we create one certificate per domain in your list.

>> I am wanting to use Amazon servers to host more than one iteration of my app for different clients

So one server per client? Or multiple clients all running on one server?

>> Amazon only seems to allow one HTTPS 443 port

All OS's have this limit. Only one program can be listening on a specific port at a time. In other words, one program can listen on port 443. Other programs can listen on other ports. Or, better yet, the one program can serve different databases to different clients depending on the domain (or user).

I'm not sure if I answered your question.

cheers
Bruce
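
The documentation passage quoted in the first post imports the per-domain certificates into the Windows store from inside the NetTalk application. As an added example (not from the NetTalk docs or from either poster), this is a PowerShell pass over the same kind of per-domain PFX files that checks each package before importing it. The folder path, the one-PFX-per-domain layout and the shared PFX password are assumptions.

```powershell
#Requires -RunAsAdministrator
# Added example. Assumptions (not from the thread): the folder below,
# one .pfx file per domain in it, and a single password for all of them.
$PfxFolder = 'C:\Example\certificates'   # hypothetical path
$Store     = 'Cert:\LocalMachine\My'     # machine-wide "Personal" store
$Password  = Read-Host -AsSecureString -Prompt 'PFX password'

foreach ($file in Get-ChildItem -Path $PfxFolder -Filter '*.pfx') {
    # Open the package first so nothing unexpected reaches the store.
    $leaf = (Get-PfxData -FilePath $file.FullName -Password $Password).EndEntityCertificates |
        Select-Object -First 1
    if (-not $leaf) {
        Write-Warning "$($file.Name): no end-entity certificate, skipped"
        continue
    }
    if ($leaf.NotAfter -le (Get-Date)) {
        Write-Warning "$($file.Name): expired on $($leaf.NotAfter), skipped"
        continue
    }
    # Idempotent: a certificate with this thumbprint is already installed.
    if (Test-Path -Path (Join-Path $Store $leaf.Thumbprint)) {
        Write-Host "$($file.Name): $($leaf.Thumbprint) already in store"
        continue
    }

    # -Exportable is deliberately omitted, so the private key cannot be
    # exported again from the store once it has been imported.
    $new = Import-PfxCertificate -FilePath $file.FullName `
        -CertStoreLocation $Store -Password $Password
    Write-Host "$($file.Name): imported $($new.Subject) [$($new.Thumbprint)]"

    # Each renewal adds a new certificate; report older ones for the same
    # subject so they can be reviewed and removed.
    Get-ChildItem -Path $Store |
        Where-Object { $_.Subject -eq $new.Subject -and $_.Thumbprint -ne $new.Thumbprint } |
        ForEach-Object {
            Write-Warning "older certificate for $($_.Subject): $($_.Thumbprint), expires $($_.NotAfter)"
        }
}
```

Because there is one certificate per domain, the loop installs one store entry per file; a server that reads from the store may still have to be pointed at the new thumbprint after each renewal.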