WinGate Forums

[boblowski]

I am currently looking at WinGate as a reverse proxy solution. Everything looks good so far, but I can't get HTTPS to work for incoming connections. For testing I defined a simple local site which I can access fine through WinGate's default WWW service (defined web server > serve request). Now as a first step I want to access this same site through HTTPS.

Since I can't find any documentation on this, I presumed for HTTPS I needed to define a new local certificate for the host and then define a new WWW service for port 443 which serves the site. If I try to connect to the site through HTTPS, the connection always times out. I am testing on a WinXP/SP2 machine, with the local Windows firewall switched off.

Can anybody tell me what I am doing wrong?

Thanks and cheers, Bob

[boblowski]

Found the answer myself. I needed to choose SSL and the certificate for the bindings for this service. Now everything works fine.

Another 3 questions though:

(1) Can I just add my own PEM certificates to the WinGate\Certificates directory?

(2) Is it correct that the SSL functionality is only part of the Enterprise edition of WinGate?

(3) Is there a real user/administration manual available?

Thanks and cheers, Bob

[adrien]

Hi

1) Unfortunately it's a bit involved to get to use other PEM certs.

This is due to storing the pass phrase in the registry, encoded.

Looks like it uses the same algorithm as is used for user passwords in the WinGate user database. This means you should be able to generate the value for the passphrase field of a cert you wish to import by

a) choose an account in WinGate, set its plaintext override (on the email tab) password to the passphrase associated with the certificate. This is the password used when you created the PEM file with its private key.
b) go to the registry, under HKEY_LOCAL_MACHINE\Software\Qbik Software\WinGate\UserDatabase, then the key of the user you chose, copy out the POP3Password value.

This value needs to go into the registry under

HKEY_LOCAL_MACHINE\Software\Qbik Software\WinGate\Certificate Manager, as a REG_SZ value, where the name of the value is the name of the certificate file (minus the .PEM extension).

2) Yes, SSL requires an Enterprise licence.

3) The only documentation we have is the downloaded documentation that came in the installer. We're happy to help out with any issue you may come up against.

Regards

Adrien

[boblowski]

1) Unfortunately it's a bit involved to get to use other PEM certs.

This is due to storing the pass phrase in the registry, encoded.

Looks like it uses the same algorithm as is used for user passwords in the WinGate user database. This means you should be able to generate the value for the passphrase field of a cert you wish to import by

a) choose an account in WinGate, set its plaintext override (on the email tab) password to the passphrase associated with the certificate. This is the password used when you created the PEM file with its private key.
b) go to the registry, under HKEY_LOCAL_MACHINE\Software\Qbik Software\WinGate\UserDatabase, then the key of the user you chose, copy out the POP3Password value.

This value needs to go into the registry under

HKEY_LOCAL_MACHINE\Software\Qbik Software\WinGate\Certificate Manager, as a REG_SZ value, where the name of the value is the name of the certificate file (minus the .PEM extension).

OK, thanks for the explanation!

Cheers, Bob