Loading Multiple Certificates (wodWebServer / wodWebServer.NET)

Hi, I have purchased a certificate from a CA. What I get is my certificate and a certificate bundle (for the complete certificate path). They say that both must be installed on the server. They have instructions for doing this on Apache, etc. How can I load multiple certificates on wodWebserver? Thanks for any help with this.

Hi Marcus,

You can find here example how to insert certificate inside wodWebServer:
http://www.weonlydo.com/code.asp?did=Simple-HTTPS-server

Let us know how it goes.

Regards,
Drazen

This example works fine when I use my self-signed test certificate. However, my real certificate issued by the CA has 2 certificates BOTH of which they say must be loaded to the server. It appears that wodWebserver can load only one certificate at a time. What can I do?

Hi Marcus,

You can find here example how to insert certificate inside wodWebServer:
http://www.weonlydo.com/code.asp?did=Simple-HTTPS-server

Let us know how it goes.

Regards,
Drazen

Marcus,

Are you sure? Can you show us maybe that instruction for Apache server?

Drazen

Apparently one certificate is my SSL certificate and the other is the Intermediate Certificate. This completes the chain-of-trust according to the CA. Instructions for Apache are Here. Instructions for IIS7 are Here.

Marcus,

Which component are you using wodWebServer ActiveX component or wodWebServer.NET component?

Drazen

ActiveX

Marcus,

Which component are you using wodWebServer ActiveX component or wodWebServer.NET component?

Drazen

Marcus,

We added LocalCertBag Property inside wodWebServer. You can use it to load chain certificate inside this property.

Your certificate should loaded on same way as before inside wodCertificate object.

In order to get update for our product, please go to:

http://www.weonlydo.com/index.asp?update=1

This is automated process. Make sure you use same email address that is registered with our system, one you used when you have purchased the product.

Drazen

Thanks for the rapid response. It seems to almost be working.

The LocalCertBag appears to either not load both certs out of the gd_bundle.crt intermediate certificate bundle file or is not serving them both to the client.

I setup our server (on port 443) and an Apache server (on port 43443) on the same PC. Then I used a tool from DigiCert to query the served certificate chain here.

The tool shows 2 intermediate certs from Apache and only 1 from wodWebserver. I can email you the screenshots if necessary.

Marcus

Marcus,

We added LocalCertBag Property inside wodWebServer. You can use it to load chain certificate inside this property.

Your certificate should loaded on same way as before inside wodCertificate object.

In order to get update for our product, please go to:

http://www.weonlydo.com/index.asp?update=1

This is automated process. Make sure you use same email address that is registered with our system, one you used when you have purchased the product.

Drazen

Marcus,

Yes please, we need to duplicate this somehow. You can send it to techsupport@weonlydo.com

Drazen

Would you please add the LocalCertBag Property for wodWebServer.net.
I've got the same problem.
Thanks.

Hi Jeremy.

Can we duplicate this problem somehow? If your certificates are registered with Windows, there is no need for local certificate bag.

Jasmine.

Yes. It will work if the certificates are registered with Windows.

But sometimes, we want to deploy the certificates file with software and do not want to register the certificates, using cert.Import method is the best solution.

Dim cert As System.Security.Cryptography.X509Certificates.X509Certificate2

wodWebD1 = new WeOnlyDo.Server.WebServer

cert.Import("certificate.pfx", "certificate_password", Security.Cryptography.X509Certificates.X509KeyStorageFlags.Exportable)

wodWebD1.Certificate = cert

Hi Jeremy.

Did you try just to create your own X509Store to see if it is used within same process with wodWebServer.NET? I believe that should work:

X509Store

So, create a store and add your certificate in it.

Jasmine.

Thanks,
I'll try it.