This is an update to a previous post on using SqueakSSL with Seaside but with specific instructions for Windows.
Note: If you are a long-time user of SqueakSSL, you will want to update both the SqueakSSL packages as well as download the latest plugin since there have been a few changes done for this article.
Using Seaside with SqueakSSL on Windows is not much different from using it on Linux. The biggest difference is in handling certificates which is poorly documented by Microsoft and often a guessing game. So before we begin with the actual content we need a brief introduction to working with certificates on Windows:
1. Creating Certificates
Windows uses (mostly) .pfx files for storing certificates. Your CA (if you bought a certificate) might be able to give you one right away but often you will end up with a .cert or .pem file and have to convert those. Fortunately, this can be done using the OpenSSL toolchain. For example, when converting mycert.cert and mycert.pem into mycert.pfx run openssl as follows:
openssl pkcs12 -inkey mycert.pem -in mycert.cert -export -out mycert.pfx
Voila, there is your .pfx file. And if you have any other certificates that you need to convert, spend some time with the openssl documentation. It’s worth it.
2. Importing Certificates
On your windows box, make sure you’re logged in as the user you want to run Seaside under. Next, open the explorer and navigate to the .pfx file you want to import. You should make sure that the icon for the file includes a little key in it – what that means is that the certificate includes a private key which is required for the use by SqueakSSL. If the certificate has no private key it will not work.
Double-click on the file to import it into the certificate store. This will open the Certificate Import Wizard. Go through the Wizard (all the defaults should be okay) and the import should complete successfully.
3. Finding Certificates
Once imported you will want to check that the certificate is in the proper location. Unfortunately, Microsoft makes finding certificates amazingly difficult. First, run the “mmc” command (i.e., go to the start menu, type “mmc” into the run command box, and hit enter to launch it). Inside MMC, go to “File”, “Add/Remove Snap-in…”, select “Certificates” from the left list, and hit the “Add” button. Choose “My user Account” when asked for the account from which to view certificates, and then hit “Finish”, and “OK”. Inside MMC, you will now see the certificates. Open the tree, and select the certificates under “Personal”. You should be able to see your imported certificate like here:
Note that you can import certificates from here as well. But more importantly, you can right-click on the certificate, select “Properties” from the context menu and edit the “Friendly Name” for the certificate. This is important since the friendly name is what will be used by SqueakSSL to select the proper certificate.
4. Using the Certificate
Once you have installed the certificate, you can follow the instructions from the previous post with the following adjustments:
- Download and Launching Squeak:
Launch Squeak.exe instead of squeak.sh
- Download and install SqueakSSL:
Put the file SqueakSSL.dll from the binary download next to Squeak.exe
- Install SqueakSSL and WebClient:
No changes here.
- Setting up Seaside:
Instead of the path to the .pem file use the “Friendly Name” of the certificate
- Trying it all out:
No changes here
Once everything is done, you’ll have Seaside running with SqueakSSL on Windows.