Re: [WiX-users] Installing https WCF Webservices
I think you and Fredrik would get along quite well. The WiX toolset native codebase uses very few classes but is still C++ code (uses // for comments and other small things not originally supported in C). Why? Because we developed a very consistent style that is used everywhere. That style was originally developed by taking the best parts of Word, Excel and MSO. Remember most of WiX was developed by people working in Office back in 1999. The consistency is possibly the most valuable part although the error handling/logging made possible with the ExitOnFailure() macros is pretty awesome as well (a long as you are okay with functions having a single "exit" label ). On Wed, Aug 3, 2011 at 8:43 AM, Peter Ibbotson wrote: > Ah thats useful all round. (well at least it tells me I didn't miss > anything obvious) > > >From my quick look at the extension is rollback the major thing that's > wrong with it or are there other problems lurking? > > Are there restrictions on Visual Studio versions for extensions? Also > while the code has .cpp extensions it looks like it's written in C > style[1] rather than C++ (Is this right?) > > Anyway I may have go at this as I like code that uses goto to jump to > a clean up and exit routine :) > > Peter > > [1] I give up with 21st century C++, I don't have the time or > inclination to work my way through all the copy constructor, boost, > autoptr mess, oh and the newer style of casting. Sometimes I'm a real > techno luddite. > > > -- > BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA > The must-attend event for mobile developers. Connect with experts. > Get tools for creating Super Apps. See the latest technologies. > Sessions, hands-on labs, demos & much more. Register early & save! > http://p.sf.net/sfu/rim-blackberry-1 > ___ > WiX-users mailing list > WiX-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/wix-users > > -- virtually, Rob Mensching - http://RobMensching.com LLC -- BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA The must-attend event for mobile developers. Connect with experts. Get tools for creating Super Apps. See the latest technologies. Sessions, hands-on labs, demos & much more. Register early & save! http://p.sf.net/sfu/rim-blackberry-1 ___ WiX-users mailing list WiX-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wix-users
Re: [WiX-users] Installing https WCF Webservices
Ah thats useful all round. (well at least it tells me I didn't miss anything obvious) >From my quick look at the extension is rollback the major thing that's wrong with it or are there other problems lurking? Are there restrictions on Visual Studio versions for extensions? Also while the code has .cpp extensions it looks like it's written in C style[1] rather than C++ (Is this right?) Anyway I may have go at this as I like code that uses goto to jump to a clean up and exit routine :) Peter [1] I give up with 21st century C++, I don't have the time or inclination to work my way through all the copy constructor, boost, autoptr mess, oh and the newer style of casting. Sometimes I'm a real techno luddite. -- BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA The must-attend event for mobile developers. Connect with experts. Get tools for creating Super Apps. See the latest technologies. Sessions, hands-on labs, demos & much more. Register early & save! http://p.sf.net/sfu/rim-blackberry-1 ___ WiX-users mailing list WiX-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wix-users
Re: [WiX-users] Installing https WCF Webservices
That's true. It's a very quiet project since I've been focused on Burn. Needs someone to push it. On Wed, Aug 3, 2011 at 6:25 AM, Nick Ramirez wrote: > For sure, I wouldn't mind getting involved in making some sort of > extension. > That project doesn't seem to have much activity though. > > -- > View this message in context: > http://windows-installer-xml-wix-toolset.687559.n2.nabble.com/Installing-https-WCF-Webservices-tp6641855p6648697.html > Sent from the wix-users mailing list archive at Nabble.com. > > > -- > BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA > The must-attend event for mobile developers. Connect with experts. > Get tools for creating Super Apps. See the latest technologies. > Sessions, hands-on labs, demos & much more. Register early & save! > http://p.sf.net/sfu/rim-blackberry-1 > ___ > WiX-users mailing list > WiX-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/wix-users > > -- virtually, Rob Mensching - http://RobMensching.com LLC -- BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA The must-attend event for mobile developers. Connect with experts. Get tools for creating Super Apps. See the latest technologies. Sessions, hands-on labs, demos & much more. Register early & save! http://p.sf.net/sfu/rim-blackberry-1 ___ WiX-users mailing list WiX-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wix-users
Re: [WiX-users] Installing https WCF Webservices
For sure, I wouldn't mind getting involved in making some sort of extension. That project doesn't seem to have much activity though. -- View this message in context: http://windows-installer-xml-wix-toolset.687559.n2.nabble.com/Installing-https-WCF-Webservices-tp6641855p6648697.html Sent from the wix-users mailing list archive at Nabble.com. -- BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA The must-attend event for mobile developers. Connect with experts. Get tools for creating Super Apps. See the latest technologies. Sessions, hands-on labs, demos & much more. Register early & save! http://p.sf.net/sfu/rim-blackberry-1 ___ WiX-users mailing list WiX-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wix-users
Re: [WiX-users] Installing https WCF Webservices
Ug, batch files? It doesn't look like this supports repair and thus won't
work for patching or minor upgrades (probably all scenarios you cut). Of
course, no error reporting either.
A better way is to build a declarative custom action that is reusable. There
is already one in WiX-contrib (http://wixcontrib.codeplex.com/) that does
most of the work. Why not finish it rather than writing batch files that
don't support the full range of scenarios...?
On Tue, Aug 2, 2011 at 9:10 AM, Nick Ramirez wrote:
> We've had quite a bit of hands on experience with this sort of thing
> lately.
> In one project, we bound a certificate to a port during the install so that
> we could use SSL (the same as if you were to go into IIS and set the
> binding
> and choose a certificate). In another case, we used ws-security in the
> web.config by altering the XML at install time. Here I'll just talk about
> the former -- simply binding a certificate to a port.
>
> To get a port to communicate over SSL, you have to bind a certificate to
> that port. The *netsh* command-line utility works nicely for this. Given an
> IP, port and thumbprint of the certificate you want to use, it can bind
> that
> certificate to the port.
>
> I use the following .cmd script, passing in the necessary thumbprint (which
> I call "CERTHASH"), and IP and port to bind to.
> *
> @ECHO OFF
> REM Sets the certificate for for the port where the WCF runs
> REM Note that we get the appid values from the GUIDs in the AssemblyInfo.cs
> files for the WCF
>
> REM Dev cert hash example: d4675cce6b8e85678826c3d426dd213ce4731e5d
>
> SET CERTHASH=%1
> SET IP=%2
> SET PORT=%3
>
> ECHO Binding certificate to port %port%
>
> REM Bind the certificate to the WCF port
> netsh http add sslcert ipport=%IP%:%PORT% certhash=%CERTHASH%
> appid={01C40DD4-FF57-445F-BEDA-06E473DE8589}
>
> ECHO Done.
>
> @ECHO ON*
>
> The appId comes from the Properties\AssemblyInfo.cs file, where I use the
> [assembly: Guid ...]. The netsh documentation is actually kind of vague
> about this, so I probably could have used any GUID. Oh well.
>
> I've also got a similar "rollback" script:
>
> *@ECHO OFF
>
> SET IP=%1
> SET PORT=%2
>
> ECHO Deleting certificate from port binding for port %PORT%
>
> netsh http delete sslcert ipport=%IP%:%PORT%
>
> ECHO Done.
>
> @ECHO ON*
>
> I install these two shell scripts along with my application. Here are the
> components I use:
>
>
>Guid="30B2D226-03C6-4230-9988-9977889BA8AC">
> Source="$(var.sourceDir)bind_cert_to_port.cmd"
> KeyPath="yes" />
>
>
>Guid="BC5F4999-2B17-420F-84E9-D4768B8A02A0">
> Source="$(var.sourceDir)delete_cert_from_port.cmd"
> KeyPath="yes" />
>
>
> I set up some custom actions:
>
>
> Directory="SystemFolder"
> Impersonate="yes"
> Execute="deferred"
> ExeCommand="[SystemFolder]cmd.exe /C
> "[meCCServiceDir]bind_cert_to_port.cmd [WCF_PORT_CERT_THUMBPRINT]
> [ASMX_WEBSITE_IP] [WCF_PORT]""
> Return="check" />
>
>
> Directory="SystemFolder"
> Impersonate="yes"
> Execute="rollback"
> ExeCommand="[SystemFolder]cmd.exe /C
> "[meCCServiceDir]delete_cert_from_port.cmd [ASMX_WEBSITE_IP]
> [WCF_PORT]""
> Return="ignore" />
>
> Directory="SystemFolder"
> Impersonate="yes"
> Execute="deferred"
> ExeCommand="[SystemFolder]cmd.exe /C
> "[meCCServiceDir]delete_cert_from_port.cmd [ASMX_WEBSITE_IP]
> [WCF_PORT]""
> Return="ignore" />
>
> And then I schedule them:
>
>
>
>After="InstallInitialize">1
>After="CA_SetAsmxDnsFromRegistry">REMOVE="ALL"
>
>
> *Before="CA_BindCertToPort">NOT Installed
> NOT
> Installed
>Before="RemoveFiles">REMOVE="ALL"*
>
>
>
> Notice that I also used another custom action to get the IP address based
> on
> the DNS of the website (I used C# for that) and one to get the port I'd
> bound to, if this is happening during an uninstall, from the registry. That
> way, I would have the port again, even though the user didn't enter them
> into a UI.
>
> If you're going the ws-security route, that's another thing. I'm saying a
> lot of stuff here. The main thing is just to use netsh to bind the
> certificate to the port and presto you're ready for HTTPS. We even use this
> to have SSL over a port other than 443.
>
> --
> View this message in context:
> http://windows-installer-xml-wix-toolset.687559.n2.nabble.com/Installing-https-WCF-Webservices-tp6641855p6645377.html
> Sent from the wix-users mailing list archive at Nabble.com.
>
>
> -
Re: [WiX-users] Installing https WCF Webservices
We've had quite a bit of hands on experience with this sort of thing lately.
In one project, we bound a certificate to a port during the install so that
we could use SSL (the same as if you were to go into IIS and set the binding
and choose a certificate). In another case, we used ws-security in the
web.config by altering the XML at install time. Here I'll just talk about
the former -- simply binding a certificate to a port.
To get a port to communicate over SSL, you have to bind a certificate to
that port. The *netsh* command-line utility works nicely for this. Given an
IP, port and thumbprint of the certificate you want to use, it can bind that
certificate to the port.
I use the following .cmd script, passing in the necessary thumbprint (which
I call "CERTHASH"), and IP and port to bind to.
*
@ECHO OFF
REM Sets the certificate for for the port where the WCF runs
REM Note that we get the appid values from the GUIDs in the AssemblyInfo.cs
files for the WCF
REM Dev cert hash example: d4675cce6b8e85678826c3d426dd213ce4731e5d
SET CERTHASH=%1
SET IP=%2
SET PORT=%3
ECHO Binding certificate to port %port%
REM Bind the certificate to the WCF port
netsh http add sslcert ipport=%IP%:%PORT% certhash=%CERTHASH%
appid={01C40DD4-FF57-445F-BEDA-06E473DE8589}
ECHO Done.
@ECHO ON*
The appId comes from the Properties\AssemblyInfo.cs file, where I use the
[assembly: Guid ...]. The netsh documentation is actually kind of vague
about this, so I probably could have used any GUID. Oh well.
I've also got a similar "rollback" script:
*@ECHO OFF
SET IP=%1
SET PORT=%2
ECHO Deleting certificate from port binding for port %PORT%
netsh http delete sslcert ipport=%IP%:%PORT%
ECHO Done.
@ECHO ON*
I install these two shell scripts along with my application. Here are the
components I use:
I set up some custom actions:
And then I schedule them:
1
REMOVE="ALL"
* NOT Installed
NOT
Installed
REMOVE="ALL"*
Notice that I also used another custom action to get the IP address based on
the DNS of the website (I used C# for that) and one to get the port I'd
bound to, if this is happening during an uninstall, from the registry. That
way, I would have the port again, even though the user didn't enter them
into a UI.
If you're going the ws-security route, that's another thing. I'm saying a
lot of stuff here. The main thing is just to use netsh to bind the
certificate to the port and presto you're ready for HTTPS. We even use this
to have SSL over a port other than 443.
--
View this message in context:
http://windows-installer-xml-wix-toolset.687559.n2.nabble.com/Installing-https-WCF-Webservices-tp6641855p6645377.html
Sent from the wix-users mailing list archive at Nabble.com.
--
BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA
The must-attend event for mobile developers. Connect with experts.
Get tools for creating Super Apps. See the latest technologies.
Sessions, hands-on labs, demos & much more. Register early & save!
http://p.sf.net/sfu/rim-blackberry-1
___
WiX-users mailing list
WiX-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/wix-users
