Website for Mobile App
This step is a part of the Setup Checklist for Mobile App.
This section covers how to configure the parent website that supports the mobile app web service. The host certificate set for this website must be recognized by the mobile devices running the app.
About the Website Host Certificate for the Mobile App
The mobile app requires a secure (https://) connection to the website and web service application, hosted on the IIS web server. You can use:
- A public CA host certificate (purchased from a commercial certification authority): this is publicly trusted and so does not require installing anything on the mobile device.
- A private CA host certificate (created with the SMC): this will require installing the corresponding root certificate on the mobile device.
NOTE: Self-signed certificates cannot be used. Certificates created using the Simple Authority tool will not work.
The host certificate for the website must be configured on the computer that is running the IIS web server:
- In the case of a local IIS deployment, this will be the Desigo CC server computer.
- In the case of a remote IIS deployment, this will be the separate computer (Installed Client / FEP) that hosts the IIS web server.
Configure the Website for the Mobile App
In this step you will set up a parent website for the web service that supports the mobile app. Websites are hosted on the computer where the IIS web server is running.
- For a local IIS deployment, do these steps on the Desigo CC server station.
- For a remote IIS deployment, do these steps on the separate Client/FEP station that hosts the IIS server.
- In SMC select the Websites node, and on the toolbar click Create website .
(or, to modify an existing website, select it and click Edit)
- In the Host name field, enter the computer running the IIS web server. This field is prefilled to the machine on which you are running SMC.
- Click Browse... to select the website User, and enter that user's Password.
If that user is not already a member of the IIS Users group, you will later be prompted to add it.
NOTE: In case of a remote IIS deployment, the website user must exist on the Desigo CC server as well as on the Desigo CC Client/FEP station that hosts the IIS server.
- Next to the Certificate issued to field, click Browse and select whichever host certificate (private CA or public CA) you prepared previously. See Option 1 and Option 2 above.
- The selected certificate must be Issued to the computer specified in Host name (computer hosting the website).
- If a private CA certificate is used here, the corresponding root certificate must be installed on the mobile device as well
- When finished click Save , and click OK to start creating the website.
- The website is generated and its URLs display in the expander. Note that before these URLs will work you must also Start the website if it was stopped.
Option 1 - Public (Commercial) CA Host Certificate
To use a public CA host certificate, purchased from a commercial certification authority such as Comodo (recommended):
- Import the purchased certificate file into the Personal store of the computer running the IIS web server. The Subject Name/Certificate Issued To field must match the computer name of the IIS web server computer.
- Because this type of certificate is publicly trusted, it will be automatically recognized as valid by the mobile app without having to install any certificates on the mobile device.
Select this public CA host certificate when you create the parent website for the mobile app web application.
Option 2 - Private (SMC-Created) Host Certificate
As an alternative to a purchased CA host certificate, you can used a host certificate created in SMC.
1 – On the IIS Web Server Computer, Create a Root Certificate, Import it into the TRCA Store, and Set it as Default
- On the IIS web server computer, start SMC.
- In the SMC tree, select the Certificate node.
- The Certificates tab displays. This shows the currently configured default certificates for this Desigo CC installation.
- In the Certificates toolbar, click Create Certificate and select Create Root Certificate (.pfx).
- GMS Root Certificate automatically displays in the Subject Name field.
- Change the subject name to a descriptive name, for example RootCertificate_MobileApp.
- Enter the root certificate (.pfx) and (.cer) file names, password, and path on disk into the remaining fields.
- Click Save .
- The root certificate files are created and saved at the specified path.
NOTE: Keep a copy of these root certificate files and write down the password for use in the next steps.
- In the Certificates toolbar, click Import , select the Root certificate certificate type.
- Browse to the (.cer) root certificate file created above, and select Set as default.
- Click Save .
- The root certificate is imported into the TRCA store of the IIS web server computer, and set as the default. You will later need to import this same root certificate into the mobile device as well.
2 – On the IIS Web Server Computer, Create a Host Certificate for the IIS Web Server, Import it into the Personal Store, and Set it as Default
- In the Certificates toolbar, click Create Certificate and select Create Host Certificate (.pfx).
- In the Root certificate field, browse to the (.pfx) root certificate file created above and enter its password.
- The full computer name of the IIS web server is automatically entered in the Subject Name field.
- Enter the (.pfx) and (.cer) host certificate file names, password, and path on disk.
- Click Save .
- The server host certificate files are created and saved at the specified path.
- In the Certificates toolbar, click Import select the Host certificate certificate type.
- Browse for the (.pfx) host certificate file created above and enter its password.
- Select Set as default and Key is exportable.
- Click Save .
- The host certificate is imported into the Personal store of the IIS web server computer.
Select this host certificate when you create the parent website for the mobile app web application.
3 – Install the Same Root Certificate on the Mobile Devices
The root certificate created in Step 1 must be installed on all the mobile devices where you plan to use the mobile app. For instructions see 2 – Install Certificate on the Mobile Device. If you do not do this now, you must do it when you install the app on the mobile device.