by community-syndication | Apr 14, 2012 | BizTalk Community Blogs via Syndication
| Some domain registrars may let you request an SSL certificate for your domain. It is also possible to buy a certificate from a certificate authority. This post shows a way to request such a real or production certificate (not a test certificate) and use it in Windows Azure. |
Certains fournisseurs de nom de domaine fournissent un certificat SSL avec le nom de domaine. Il est %u00e9galement possible d’acheter un certificat aupr%u00e8s d’une autorit%u00e9 de certification. Ce billet montre un moyen de demander un certificat r%u00e9el ou de production (par opposition %u00e0 un certificat de test) et l’utiliser dans Windows Azure. |
In this example I use Gandi registrar. With each domain they offer an SSL certificate; so let’s see how to request it and use it in Windows Azure. The main steps are
– create a request from within IIS
– send the request to Gandi
– confirm the request in a bunch of e-mail and Web interfaces
– retrieve the request response and put it into IIS
– export the certificate from the IIS machine as a .pfx file
– upload the .pfx file to Windows Azure portal
– use the certificate in a simple sample Windows Azure App. |
Dans cet exemple, j’utilise Gandi comme fournisseur de nom de domaine. Avec chaque domaine, ils fournissent gratuitement un certificat SSL; voyons donc comment demander ce certificat et l’utiliser dans Windows Azure. Les %u00e9tapes principales sont les suivantes:
– cr%u00e9er la demande de certificat depuis IIS
– envoyer la demande %u00e0 Gandi
– confirmer la demande via un certain nombre d’e-mails et d’interfaces Web
– r%u00e9cup%u00e9rer la r%u00e9ponse %u00e0 la demande de certificat et l’int%u00e9grer dans IIS
– exporter le certificat depuis la machine IIS sous la forme d’un fichier .pfx
– charger le fichier .pfx dans le portail Windows Azure
– utiliser le certificat dans une application Azure exemple simple |
| create a request from within IIS |
Cr%u00e9er la requ%u00eate depuis IIS |
| In this sample, the domain I registered with www.gandi.net was “appartement-a-vendre-courbevoie.fr” and we’ll create a certificate for myapp.appartement-a-vendre-courbevoie.fr so that we can expose an ssl application at https://myapp.appartement-a-vendre-courbevoie.fr. |
Dans cet exemple, le nom de domaine que j’ai enregistr%u00e9 aupr%u00e8s de www.gandi.net %u00e9tait “appartement-a-vendre-courbevoie.fr” et nous allons cr%u00e9er un certificat pour myapp.appartement-a-vendre-courbevoie.fr de fa%u00e7on %u00e0 pouvoir exposer une application en SSL %u00e0 https://myapp.appartement-a-vendre-courbevoie.fr. |
| We’ll first create a certificate request from within IIS. IIS is used as a tool that will create an unsigned certificate (with its private key) before sending it (without the private key) to the certificate authority who will sign the certificate. |
Nous allons d’abord cr%u00e9er une demande depuis IIS. IIS est utilis%u00e9 ici comme un outil qui cr%u00e9e un certificat non sign%u00e9 (avec une clef priv%u00e9e) avant de l’envoyer (sans la clef priv%u00e9e) %u00e0 l’autorit%u00e9 de certification qui signera le certificat. |
| Start IIS Manager, and go to the server certificate feature |
D%u00e9marrer le gestionnaire IIS, et aller %u00e0 la fonctionnalit%u00e9 “Server Certificate” |
| create a certificate request |
cr%u00e9er une demande de certificat |
| In next screen the most important is to have Common name corresponding exactly to the URL that the certificate will be used with. |
Dans l’%u00e9cran suivant, le plus important est d’avoir le “Common name” qui correspond exactement %u00e0 l’URL avec laquelle on entend utiliser le certificat. |
| this generates a certificate request that looks like this |
cela g%u00e9n%u00e8re une demande de certificat qui ressemble %u00e0 cela |
| send the request to Gandi |
Envoyer la demande %u00e0 Gandi |
Before requesting the certificate, Gandi requires you to have an e-mail adress that corresponds to admin@<yourdomain>
Then, you can request the certificate. Here are the steps. |
Avant de demander le certificat, Gandi demande qu’on ait associ%u00e9 l’adresse e-mail admin@<notre domaine>.
Ensuite, on pourra demander le certificat. Voici les diff%u00e9rentes %u00e9tapes. |
| confirm the request |
Confirmer la demande |
| Here are the steps to confirm the request |
Voici les diff%u00e9rentes %u00e9tapes de confirmation de la demande. |
| Retrieve the request response |
R%u00e9cup%u00e9rer la r%u00e9ponse %u00e0 la demande de certificat |
| Let’s now retrieve the result |
R%u00e9cup%u00e9rons maintenant le r%u00e9sultat |
| export the certificate |
Exporter le certificat |
| Let’s now export the certificate from the local machine to a .pfx file. |
Exportons maintenant le certificat de la machine locale vers un fichier .pfx. |
| upload the .pfx file to Windows Azure portal |
Charger le fichier .pfx dans le portail Windows Azure |
| Let’s send the .pfx file to Windows Azure |
Envoyons le fichier .pfx vers Windows Azure |
| use the certificate in a simple sample Windows Azure App. |
Utiliser le certificat dans une application Azure exemple simple |
| NB: In some configurations, I’ve seen the necessity to have the certificate stored at current user’s level, not only at local machine level. Let’s first copy the certificate from the local machine store to the current user store. |
Dans certaines configuration, j’ai vu le besoin d’avoir le certificat stock%u00e9 au niveau de l’utilisateur et pas seulement au niveau de la machine. Copions donc d’abord le certificat du magasin de la machine locale au magasin de certificats de l’utilisateur courant. |
| Let’s now use the certificate in a Visual Studio 2010 project and deploy it to Windows Azure. |
Utilisons maintenant le certificat dans un projet Visual Studio 2010 avant de d%u00e9ployer ce dernier dans Windows Azure. |
| Let’s deploy to a bunch of extra small machines to show that the certificate is deployed automatically by Windows Azure to each instance. Note that SSL channel ends on each VM in the Web farm as I showed in this previous post. |
D%u00e9ployons cela sur un certain nombre de machines pour montrer que le certificat est d%u00e9ploy%u00e9 automatiquement par Windows Azure sur chaque instance. On notera que le canal SSL se termine sur chaque instance de machine virtuelle de la ferme web comme je l’ai montr%u00e9 dans un billet pr%u00e9c%u00e9dent. |
| By the way, using 6 extra small machines is the same price as 1 small machine. |
A noter: l’utilisation de 6 machines extra petites est au m%u00eame prix que l’utilisation d’une seule petite machine. |
()
()
| In order to be able to access the App. from the domain name corresponding to the certificate, a CNAME entry must be added in the DNS; then myapp.appartement-a-vendre-courbevoie.fr matches sslapp.cloudapp.net |
De fa%u00e7on %u00e0 pouvoir acc%u00e9der %u00e0 l’app. depuis le nom de domaine correspondant au certificat, une entr%u00e9e de type CNAME doit %u00eatre ajout%u00e9e dans le DNS; alors myapp.appartement-a-vendre-courbevoie.fr correspondra %u00e0 sslapp.cloudapp.net |
| Here is the result |
Voici le r%u00e9sultat |
Benjamin
Blog Post by: Benjamin GUINEBERTIERE
by community-syndication | Apr 14, 2012 | BizTalk Community Blogs via Syndication
Filtering the informative, insightful and quirky from the fire hose of cloud-based hype.
Irving Wladawsky-Berger provides some great insight into The Complex Transition to the Cloud, sharing his views on the slow adoption of cloud computing in organizations. “a prediction by the research firm Gartner that while cloud computing will continue to grow at almost 20 percent a year, it will account for less than 5 percent of totally IT spending in 2015.” With a more positive mindset, Balaji Viswanathan highlights 7 Salient Trends and Directions in Cloud Computing that could be shaping the industry over the next few years.
Cloud computing also looks to save energy “A small business with 100 users that moved the Microsoft applications to the cloud could cut energy use and carbon emissions by 90%. Large organizations with 10,000 users saw a 30% reduction.” More on that story here.
The expansion of Windows Azure has been in the news with the announcement of “East US” and “West US” datacenters; this was covered by Visual Studio Magazine and Mary-Jo, and according to thenextweb.com Microsoft are also building $112 million data center in Wyoming.
The cloud price war is still in full swing with Joe Panettieri discussing the pricing of Windows Azure and Office 365 and asking How Low Can It Go?
by community-syndication | Apr 13, 2012 | BizTalk Community Blogs via Syndication
At the most recent MS MVP Summit, Dean Robertson, founder of IT consultancy Mexia, approached me about visiting Australia for a speaking tour. Since I like both speaking and koalas, this seemed like a good match. As a result, we’ve organized sessions for which you can now register to attend. I’ll be in Brisbane, Melbourne […]
Blog Post by: Richard Seroter
by community-syndication | Apr 13, 2012 | BizTalk Community Blogs via Syndication
This week, I attended the Cloud Foundry “one year anniversary” event where among other things, Cloud9 announced support for deployment to Cloud Foundry from their innovative Cloud9 IDE. The Cloud9 IDE lets you write HTML5, JavaScript and Node.js applications in an entirely web-based environment. Their IDE’s editor support many other programming languages, but they provide […]
Blog Post by: Richard Seroter
by community-syndication | Apr 13, 2012 | BizTalk Community Blogs via Syndication
Last MVP summit I met the only Italian BizTalk Server MVP Antonino Crudele (Nino). He has been an BizTalk MVP for 5 years in a row now and that is quite an accomplishment. During the summit we had a nice little chat and got to know each other a little better. I asked him a couple of questions for my BizTalk Community Series that bring BizTalk community members to the foreground. Here is his story.
Nino Crudele is 46 years old and has two daughters, one son and a fantastic wife Grazia. He lives in the hills of the Val Trebbia near Piacenza (province Emilia Romagna, Italy). Nino has been working in the consulting world for almost 20 years. He started as a C developer and later moved to .NET and the Web. He has always been fond of the integration aspects of development. One day back in 2003 he had the opportunity to work with BizTalk. This was one of the first Italian BizTalk pilots using BizTalk 2002.
Currently Nino is the CTO (Chief Technology Officer) at Raise S.r.l., a consultancy company in Italy. Besides that he is also a Virtual Technology Specialist for BizTalk Server, a role in which he works closely with Microsoft Italy. He enjoys this role as it enables him to work with many different clients seeing BizTalk in different scenario’s from a technical point of view, size, and criticality.
Nino has worked with most of the BizTalk accelerators, Rosettanet, HL7, SWIFT and has done some big projects on EDI and RFID. In the past he also had the opportunity to be part of a big integration project with a major Italian enterprise organization that integrates many technologies like SAP, AS400, TIBCO and others using BizTalk. During this project Nino faced one he’s memorable challenges a throttling assessment on a BizTalk architecture with more than a 100 CPUs.
Nino has to say the following about me, sharing knowledge, the BizTalk Server product, and the MVP Program:
“In Steef I found a wonderful person and a great professional, has a great energy and his blog proves it. I love to share my experiences and my knowledge with my blog and community, I think that in Italy and in the world is really important to speak about BizTalk, it is one of the best product that Microsoft did. I’m BizTalk MVP from 5 years and thank to my MVP lead, this 2012 has begun so wonderful, the MVP summit I met so many great people and great professionals, I am happy and honored to be part of this great family that is the BizTalk MVP group.”
His MVP Lead Alessandro Teglia, who I spoke with a few weeks ago has the following to say about Nino:
“As a Community Program Manager (aka MVP Lead) for CEE & Italy, I usually meet a lot of people, with strong skills and very passionate ones. I do (and I love) this job because of them, their attitude, and their willingness to help others. In particular, I found in Nino a valuable expert when I first met him and, lately and very good friend I can count on. I can easily say Nino is one of the most popular BizTalk expert in the whole Country. Nino’s ability to involve you in activities and projects is just amazing; his charisma, his positive attitude is so vivid in him that you could follow him everywhere ! But it’s also supported by his strong technical knowledge which makes him a very valuable Consultant, Community Expert, Project Manager, COO and to me, a great friend.”
In his spare time Nino likes to spend as much time possible with his family. He like to write articles, create webcasts, and experiment with technology. He follows the various BizTalk communities in the world. Nino himself created the first Italian community for BizTalk (ugics.org).
There are however a lot other things Nino likes to do in his spare time. He told me he could write a book about it. So I will quote here what he told me:
“In my life I did everything, I started to practice martial arts 4 years ago, have a brown belt Judo, did Kung fu, practiced Boxing and I’m an instructor in Muay Thai. I practiced the free climbing for nine years and was part of the free climbing Italian Team for three years. I love Kayaking, I like to run and did the marathon in Athens. The others sports in my life when I was young were rugby, scuba diving, skateboarding (free style), break dancing, and so on as I can’t remember all.Nowadays I like to do karting, and I have a 125 cc, play chess and friends on mine. I love music like music like rock, metal, pop, rap”.
Nino is indeed a very active person and I like to thank him for his contributions to BizTalk community and time to have a chat with me. Nino and I will meet again in May, when we will organize a BizTalk event at Microsoft Italy in Milan. I am looking forward to that event and spending some time with Nino, meeting his family and share our passion for BizTalk and rock music.
by community-syndication | Apr 12, 2012 | BizTalk Community Blogs via Syndication
When a single appdomain is opening two (or more) service bus relay endpoints that have the same path (what is added after the servicebus.windows.net), but have a different namespace, the following exception is raised: A registration already exists for URI xxx
by community-syndication | Apr 12, 2012 | BizTalk Community Blogs via Syndication
So I’m happy to announce that we have set a date for an “open” BizTalk administration training in London this year (location is not booked yet but will be somewhere central in London. The date is 28th til 30th of august. If you want to participate on thisdeep dive administration course please feel free to
Blog Post by: Tord Glad Nordahl
by community-syndication | Apr 11, 2012 | BizTalk Community Blogs via Syndication
I’m excited to announce another new course at Pluralsight!!!! Introduction to the ASP.NET Web API If you are interested in learning about the new HttpServer and HttpClient types – and how the HttpMessageHandler glues it all together please sign up!
Blog Post by: jon
by community-syndication | Apr 10, 2012 | BizTalk Community Blogs via Syndication
SQL Server 2012 adds many significant improvements to the spatial support that was first introduced with SQL Server 2008. Among the more notable enhancements is support for curves (arcs), where SQL Server 2008 only supported straight lines, or polygons composed of straight lines. Microsoft also provides methods that test for non-2012-compatible (curved) shapes, and convert […]
Blog Post by: Lenni Lobel
