SSL and Frontier

[h4ns...@gmail.com]

Hi all,

I have to run an old Frontier 7 install on a Mac with system 9.2 with SSL.

So far I only found TLS.root to get it done, but it needs a license 350 $ to run it - sold by defunct Userland.

My installation only returns:
"TLS Server: No License
No valid license for the TLS server has been found. See http://tls.macrobyte.net/ for information on purchasing and installing licenses."

So gather that I am stuck here, right? Are there other options get SSL on Mac 9.2?

Yes, I know I am 10 or so years late to the party. Or are there options to run a SSL server for OS X?

Best regards,
Hans

[Ted Howard]

Take a look at this link:

http://worknotes.scripting.com/october2012/101312ByDw/tlsrootOnWindows

I realize that the language is Windows specific, but if memory serves, this also includes a PPC Mac version. The OS X workaround mentioned on the blog post was because we didn’t have the source to the TLS dll and couldn’t rebuild it for Intel.

Ted

[h4ns...@gmail.com]

Thanks, Ted - tried it on our PPC Mac before posting.

Install ran fine, tls.dll is in the appropriate folder, but tls.licensing.checkLicense() fails to run - seems that the httpsServer won't work without one, the httpsClients works.

on checkLicense( ) {
    local( dllPath = file.folderFromPath( Frontier.getProgramPath( ) ) + "DLLs" + file.getPathChar( ) + "tls.dll" );
    return boolean( dll.call( dllPath, "checkLicense" ) )}

I re-ran the install, deleted everything before: TLS Server: No License...

Just tried to check http://tls.macrobyte.net , but the site is offline today.

Is there a way to "generate" a license or re-use an existing one?

[Dave Winer]

This is for you...

http://hellofrontier.com

Dave

--
You received this message because you are subscribed to the Google Groups "frontier-user" group.
To unsubscribe from this group and stop receiving emails from it, send an email to frontier-use...@googlegroups.com.
Visit this group at http://groups.google.com/group/frontier-user.
For more options, visit https://groups.google.com/d/optout.

--
Typed on an iPad with fat fingers.

[h4ns...@gmail.com]

 Dave Winer:

This is for you...

http://hellofrontier.com

Thanks Dave, I already tried OPML. Is the OPML verb kernel(webserver.server) able to de/encrypt SSL traffic?

How would I configure OPML to handle https connections?

[h4ns...@gmail.com]

Plan B:  OPML behind Apache with SSL

Might that be a solution?
http://serverfault.com/questions/25423/apache-virtualhost-with-mod-proxy-and-ssl

Will test it, but lacking resources (and know-how) today.

[Jake Savin]

Running behind an Apache proxy is probably your best bet if SSL/TLS is a must-have for you.

-Jake

[h4ns...@gmail.com]

Jake, you are right for OPML.

If a TLS.root licence fell from the skies, it would make things easier. Swithing machines, updating .roots, changing to a new OS X database app etc. is much more work than I had anticipated.

[Ted Howard]

On March 11, 2015 at 5:05:27 PM, h4ns...@gmail.com (h4ns...@gmail.com) wrote:

Jake, you are right for OPML.

If a TLS.root licence fell from the skies, it would make things easier. Swithing machines, updating .roots, changing to a new OS X database app etc. is much more work than I had anticipated.

Another option is to run Apache with mod_proxy on a different machine. My understanding is that it can proxy requests to other machines, so you could stand up a linux or OS X box with Apache that just forwards the requests on to your OS 9.2 machine.

Ted

[h4ns...@gmail.com]

Ted,

that would be the first think to test. The Apache manuals show an option to additionally have mod_ssl encrypt the relayed request. My hypothesis is, that a request would be decrypted by Apache before it gets relayed to the target server.

Plan A: have Apache proxy the request to my remote Mac 9.2 / Frontier 7
Plan B: swap servers and run OPML on Mac OS X behind Apache
Plan C: look/hunt/pray for TLS.root licence

Will know more in the coming days... If anyone tried A or B, I would be happy to hear about it.