Documentation

FireDaemon Fusion 6 Users Guide
PRINT
Download PDF

1.Introduction

Last updated on August 14, 2018
Full

FireDaemon Fusion provides an easy way to view system statistics and manage Windows services via web browser without needing to install a separate web server. When used in conjunction with FireDaemon Pro, FireDaemon Fusion allows you to schedule, configure, install and run any 32-bit or 64-bit application program executable written in any language (eg. C/C++, C#, VB, Delphi, Foxpro, Fortran, LISP) or interpreted script (e.g. Java, Perl, Powershell, BAT/CMD, Python, Ruby, TCL/TK, PHP) as a Windows Service.

FireDaemon Fusion Quick Overview

FireDaemon Fusion can be used with or without FireDaemon Pro, each offering different feature sets.

Without FireDaemon Pro installed, Fusion allows you to view system statistics, view and control built-in Windows services and create local user accounts to provide granular access control to built-in Windows services.

With FireDaemon Pro installed, you also gain the ability to install and run any application as a service via your web browser (i.e. create and install FireDaemon services).

1.1.Features

Last updated on August 14, 2018
Full

FireDaemon Fusion comes with a wide variety of features that make managing services via browser.

  • Installs as a native Windows service – no web server is required
  • Provides control of FireDaemon Pro and Windows builtin services via HTTP based API
  • Edit the properties of any built-in Windows service
  • Provides detailed statistics of the machine it is currently running on
  • Connects to and controls remote machines running FireDaemon
  • Comprehensive logging and debugging
  • Negligible memory and CPU consumption
  • Support for all currently supported Microsoft 32-bit and 64-bit Operating Systems (Vista, 2008, 7, 2008 R2, 8, Server 2012, 8.1 Server 2012 R2, 10)
  • Extensive documentation including FAQs and HOWTOs

2.Compatibility

Last updated on August 14, 2018
Full

FireDaemon Fusion is designed to run on the following Microsoft Windows Operating Systems running on either bare metal or virtualised:

Windows OSx86 (32-bit)x64 (64-bit)Service Pack
Windows Vista (NT 6.0)YesYesSP2
Server 2008 (NT 6.0)YesYesSP2
Windows 7 (NT 6.1)YesYesSP1
Server 2008 R2 (NT 6.1)N/AYesSP1
Windows 8 (NT 6.2)YesYesN/A
Server 2012 (NT 6.2)N/AYesN/A
Windows 8.1 (NT 6.3)YesYesN/A
Server 2012 R2 (NT 6.3)N/AYesN/A
Windows 10 (NT 10.0)YesYesN/A
Server 2016 (NT 10.0)N/AYesN/A

3.Installation

Last updated on August 12, 2018
Full

FireDaemon Fusion is supplied as a standalone installation executable (EXE). It is available as a fully functioning 30-day trial before purchasing a license key. To install, download the installer from the FireDaemon website, then copy the installer to a convenient location. Start the installer by double clicking on it.

To get started with Fusion, double-click the .exe file and follow the directions in the installer to install Fusion on your computer.

FireDaemon Fusion installer

Click Next to begin installation. Read the License Agreement and then accept the terms to continue.

FireDaemon Fusion installer - terms of service

Read the README supplied with FireDaemon Fusion and click Next. This README contains particularly important information if you are updating FireDaemon Fusion from an older version.

FireDaemon Fusion README file - installation

Select where you want FireDaemon Fusion to be installed. By default, FireDaemon Fusion installs to C:\Program Files (x86)\FireDaemon Fusion. Click Next once you are happy with the installation path.

FireDaemon Fusion installer - select directory

If you are happy with your settings, click Install to install FireDaemon Fusion to your computer. Otherwise, click Back to change your installation settings.

FireDaemon Fusion - begin installing now

Once FireDaemon Fusion is installed, you may launch FireDaemon Fusion for the first time or view the Windows install log. The installation success screen also shows your default FireDaemon Fusion credentials. These credentials are also available in the Accessing FireDaemon Fusion area of this guide.

FireDaemon Fusion - successful installation screen

3.1.Silent Installation

Last updated on September 27, 2018
Full

FireDaemon Fusion supports silent installation. At a command prompt, navigate to the directory that your downloaded the .exe file from. Then run the following, amending the .exe filename as necessary:

FireDaemon-Fusion-x86.exe /s /v"/qn"

To uninstall FireDaemon Fusion silently, run the following, amending the .exe filename if necessary:

FireDaemon-Fusion-x86.exe /x /s /v"/qn"

3.2.Applying Serial Numbers

Last updated on September 27, 2018
Full

FireDaemon Fusion will run in trial mode for 30 days. After that time the product will expire and you will need to obtain a Serial Number in order to continue using FireDaemon Fusion. You can purchase a serial number from the FireDaemon Webstore. Once you have purchased your license, you will receive an order confirmation email. This email will contain links to your receipt as well as your license Serial Number Name and Serial Number. It is vitally important that you either cut and paste this information from your order confirmation email or type them in exactly as they appear on it. Registration information can be entered via the Options section of FireDaemon Fusion.

4.Uninstallation

Last updated on August 12, 2018
Full

FireDaemon Fusion can be uninstalled in the same way as you would any other Windows program. Visit the Windows Control Panel and choose the Add or Remove Programs applet. On Windows Vista, Server 2008, 7, 8 and 2012 or later you will need to open the Control Panel and look for the Programs and Features applet. Once you have opened the appropriate applet look for FireDaemon Fusion in your list of installed programs and click on the Remove / Uninstall button.

Uninstalling FireDaemon Fusion from the Control Panel

You will be presented with the dialog below. Click the Yes button to uninstall FireDaemon Fusion. Note that if you have the FireDaemon Fusion GUI open or if another user is currently using Fusion, the uninstaller will ask you to manually stop or remove the services before proceeding with the uninstallation.

Are you sure you want to uninstall FireDaemon Fusion?

5.Logging On

Last updated on August 12, 2018
Full

FireDaemon Fusion can be accessed by pointing your web browser to https://host:port. Make sure port 20604 is open on your network connection. If a host and port have not been specified, then FireDaemon Fusion is accessible from https://localhost:20604.

FireDaemon Fusion login screen

The default username is admin and the default password is admin. You may change your username and password — or create a separate administrator or user account — in the My Account area after launching FireDaemon Fusion.

Note that SSL is enabled by default for FireDaemon Fusion; however, it must be set up. If you try to access your Fusion instance via HTTPS and do not have SSL set up, your browser will warn you about an insecure connection. You must then create an exception to continue to FireDaemon Fusion. See the SSL setup section of this guide for more info.

Also, if you try to access FireDaemon Fusion via HTTP, the page will not load.

After logging in to FireDaemon Fusion, the user is redirected to the FireDaemon Services page unless the login URL specifies otherwise.

5.1.Accessing Fusion with a Custom Domain

Last updated on August 12, 2018
Full

If you like, you can use a domain name and forward its traffic to Fusion’s IP address. This can make forwarding a domain to a given IP address is straightforward. If you do not already have a registered domain, register the domain name of your choice. There are many domain registrars available to choose from.

Once you have obtained a domain name, the next step is to forward your domain to the IP address that hosts your FireDaemon Fusion instance, including the port. You can do this by configuring your domain to forward to the IP address of your choice. Instructions vary by domain registrar.

6.Managing Services

Last updated on August 12, 2018
Full

The logged-in area of FireDaemon Fusion provides access to a variety of service controls.

6.1.Local and Remote Nodes

Last updated on September 27, 2018
Full

The leftmost column, visible from every page on FireDaemon Fusion, shows the computers that you have added as nodes. This area allows you to select a computer and view the system information for that computer. Computers outside your network that you have added to this running instance of FireDaemon Fusion are also shown. You can also shut down or restart a given computer from this menu.

FireDaemon Fusion left side menu

6.2.Quick Overview

Last updated on September 27, 2018
Full

The Quick Stats area of FireDaemon Fusion shows information about the machine that the logged-in user is currently accessing. It is visible only if the logged-in user has been granted permission to view this area.

These details include the number of FireDaemon and Windows services running or stopped, and the number of active session and active logged-on users.

FireDaemon Fusion Quick Overview page

Clicking or tapping on the FireDaemon Services or Windows Services areas will direct a user to the respective page for FireDaemon or Windows services, where one can acquire more detail about the services.

6.3.FireDaemon Services

Last updated on September 27, 2018
Full

The FireDaemon Services area allows users and administrators to create, manage, and remove FireDaemon services. Note that use of the FireDaemon Services area requires FireDaemon Pro to be installed, as all services created and modified here are FireDaemon services.

The top of the FireDaemon Services area features a toolbar for the commonly used functions in the FireDaemon Services Manager. The buttons are similar to those of the FireDaemon Pro GUI.

FireDaemon Fusion service control buttons

Below the toolbar buttons, the FireDaemon Services tab displays all FireDaemon services in seven columns. It is displayed only if you have FireDaemon Pro installed on your computer and you have been granted permission to view this area. These columns are:

ColumnDescription
NameThe service prefix concatenated with the service's display name.
DescriptionDescription of the service. May be blank for FireDaemon Pro services.
StatusStatus of the service. FireDaemon Pro services are either Running or Stopped.
Startup TypeStartup type of the service.
Log On AsThe name of the user the service is running as.
PIDThe process ID of the application FireDaemon Pro is running.
MemoryThe private working set memory utilisation of the application FireDaemon Pro is running.

A list of FireDaemon services displays below the toolbar, similar to the layout in the FireDaemon Pro GUI. Clicking “New” brings up the dialog to create a new FireDaemon service. Clicking a service brings up that service’s Edit Properties page. The steps and layout for creating and editing a FireDaemon service are the same as in the FireDaemon Pro GUI, with the same options available to edit.

This list of services is paginated, and you can change the number of services to view per page. You can sort the results by any of the settings listed instead of name, in either ascending or descending order.

The actions of starting, stopping, restarting, and deleting a service are accessible by hovering over the service and selecting from the floating toolbar. You can also select multiple services within Fusion to edit, start, stop, restart, or delete simply by a mouse click.

FireDaemon services displayed in FireDaemon Fusion

6.4.Windows System Services

Last updated on September 27, 2018
Full

The System Services area of FireDaemon Fusion shows a list of built-in Windows services. This list includes currently running services, as well as Windows services that have been stopped. Information on these services is displayed with the same columns as the FireDaemon services: Name, Description, Status, Startup Type, Log On As, PID (process ID), and Memory.

ColumnDescription
NameThe display name of the service.
DescriptionDescription of the service.
StatusStatus of the service. Services are either Running or Stopped.
Startup TypeStartup type of the service.
Log On AsThe name of the user the service is running as.
PIDThe process ID (PID) of the service.
MemoryThe private working set memory utilisation of the service.

The toolbar contains buttons for you to start or stop a selected service. Additionally, the Refresh button allows you to refresh the list of built-in services.

As with the list of FireDaemon services, this list of built-in services is paginated, and you can change the number of services to view per page. You can also sort the results by any of the settings listed instead of name.

To edit a service, click the service’s name. The menus and options are the same as in FireDaemon Pro: General, Log On, Recovery, and Dependencies. Learn more about editing Built-In Services in the FireDaemon Pro guide.

The actions of starting, stopping, restarting, and deleting a service are accessible by hovering over the service and selecting from the floating toolbar. You can also select multiple services within Fusion to edit, start, stop, restart, or delete simply by a mouse click.

While you may modify a system service, it is strongly discouraged, as modifying a system service can compromise the function of your machine.

Windows Services Shown in FireDaemon Fusion

6.5.Manage Users

Last updated on September 27, 2018
Full

The Manage Users area allows administrators to manage FireDaemon Fusion user accounts. Account administrators can create and manage users in this area. Note that all users, including administrators, must use the My Account area to edit their own settings.

To add a user, click Add from the toolbar menu and enter the information for the new user.

The Add/Edit user screen contains three subsections. The General section allows for entering of a name, title, email, and other general information. The available information is displayed in the table below.

NameDescription
UsernameThe username assigned by the administrator. This setting is a required field and can only be changed by an administrator.
First NameThe first name of the user. Viewable only by the user and administrators.
Last NameThe last name of the user. Viewable only by the user and administrators.
PasswordThe user's password. Only used to change or set a user's existing password. Otherwise it may be left blank.
Confirm PasswordThe new password of the user's choice, entered a second time. Only used to change or set a user's password.
TitleThe user's title within the organisation. Viewable only by the user and administrators.
E-mailThe user's email. Viewable only by the user and administrators.
Mobile NumberThe user's mobile number. Viewable only by the user and administrators.
Office NumberThe user's office number. Viewable only by the user and administrators.

FireDaemon Fusion administrators can also assign a role to the new user: Administrator or User.

Administrators have full access to FireDaemon Fusion and the machines on the network also running Fusion.

Users have more fine-tuned access as assigned to them by an administrator. There are six types of functionality an administrator can offer a user when adding or editing a user account. By default, all administrators have access to all six functions.

FunctionDescription
View quick statsAllows users to view the Quick Stats tab.
Manage FireDaemon servicesAllows users to view, add, edit, start, stop, and remove FireDaemon Pro services within the FireDaemon services tab.
Manage System servicesAllows users to view, add, edit, start, stop, and remove Windows System services within in the System services tab.
Can shutdown computerAllows users to shut down a computer configured as a node.
Can restart computerAllows users to restart a computer configured as a node.
Can browse foldersAllows users to browse folders on the computer that Fusion is installed on.

An administrator must assign at least one function to a new user; beyond that, administrators may assign as many or as few of these functions to a user as they wish. The tabs a user sees when logged in depends on which functions an administrator has assigned to them. For instance, a user with only the View quick stats and Manage FireDaemon services functions can view only the Quick Stats and FireDaemon Services tabs. They will not be able to manage system services, shut down or restart a computer, or browse folders.

Assigning Specific Services to Users

The FireDaemon Services and System Services area allow an administrator to assign or unassign specific services to the user. Within a given service, four options are available to assign: view, edit, start, and stop.

Editing and Deleting Users

To edit a user, click the user whose information you would like to edit, and then update the fields with the new information. Existing administrators can update their own information here. Note that non-administrators must use the My Account area to modify their own user information.

To delete a user, select the user from the user list and click Delete. You may delete multiple users at once in this way by selecting all the users you wish to delete.

6.6.Settings

Last updated on September 27, 2018
Full

The Settings area is where administrators can edit the various options used to customise FireDaemon Fusion. It features FireDaemon Fusion’s customisation settings that can be used for IP bindings, SSL, and connecting to remote machines.

FireDaemon Fusion Settings

Connectivity

This area allows you to edit connectivity settings. After any changes in this section are saved, Fusion must be restarted for the changes to take effect.

CORS

CORS (Cross Origin Request Sharing) is supported in Fusion 6. CORS is an acronym for Cross Origin Request Sharing and is an opt-in protocol for browsers and application servers to allow requests originating from other domains than the requested (e.g. script on jsfiddle.net requesting Fusion on localhost).

It exists to prevent CSRF (Cross Site Request Forgery), where a script can steal or modify data from another domain (e.g. script on jsfiddle.net performing a bank transaction).

CORS is disabled by default. When enabled, CORS is able to access the Fusion API.

See the CORS section of this guide to learn more about using CORS with FireDaemon Fusion.

IPv4 Addresses and Bindings

IPv4 binding: Assign the IPv4 address Fusion should listen on for connections. Currently only one address can be selected.

Connection port: Determines which port Fusion uses to connect. The default port is 20604. If you change this port, make sure the new port is open to traffic.

SSL

FireDaemon Fusion supports SSL so you can access Fusion itself with a secure connection. There are four fields in the Options area for configuring FireDaemon Fusion to use SSL.

Use SSL: This box is checked by default. Uncheck this box to access FireDaemon Fusion without SSL. If this setting is changed, FireDaemon Fusion needs to be restarted for the changes to take effect.

SSL Certificate: Drop or paste your SSL certificate here in order to use it. This is a .cert file in PEM format.

SSL Private Key: Drop or paste your SSL private key here in order to use it. This is a .key file in PEM format.

SSL Password: Enter the passphrase to your SSL key here. It may be left blank if your SSL certificate is not password-protected.

See the SSL area of this guide for full instructions on setting up SSL and obtaining a security certificate.

Logging

This section allows you to configure your log file information. While using log files is optional, it is useful when detecting unusual behaviour and keeping a record of activity.

Log File Folder: This folder determines the location of your Fusion log files. By default, the folder is named logs and is located in your FireDaemon Fusion folder. You may change this location to suit your preferences.

Log File Name: This area determines the file to write FireDaemon Fusion logs to. The default file is FireDaemonFusion.log. You may change the file name here.

Log File Rotation: This setting determines when your log files are rotated. There are four options here:

  • At midnight: log files rotate at midnight each night
  • At midnight and midday: log files rotate at midnight and at midday each day
  • At the top of every hour: log files rotate at the beginning of each hour
  • Upon reaching a certain size: log files rotate when the current file reaches the size you specify, expressed in MB. The default setting is 1 MB.

Log File Ageing: This setting determines how many of the most recent log files to preserve. The default (and highest) setting is 12.

Enable Debug: When enabled, this setting enables debug mode, which prints more detailed information to the specified log file.

Nodes

Nodes provide an easy way to view other machines on your network that also run FireDaemon Fusion. This allows you to manage FireDaemon services for another computer as well as shut down or restart machines.

Monitor status: This monitors the other nodes to check their online status. You can tell Fusion to check the other machines at a certain interval. The default setting is to check the status of other machines every 30 seconds. Once this setting is enabled, inaccessible remote Fusion nodes are shown in a different colour.

You can also add new Fusion nodes so you can control other Fusion-enabled computers remotely. To add a new Fusion node, click the + sign and enter the following information:

  • Node Alias: A name for this FireDaemon Fusion instance.
  • Host Address: The address of the host computer
  • Port: The port that FireDaemon Fusion uses on the host machine
  • User: The FireDaemon Fusion user for the host machine
  • Password: The FireDaemon Fusion user password for the host machine
  • SSL: Indicate whether or not the host machine uses SSL with FireDaemon Fusion
License

The License area enables administrators to view and edit the FireDaemon Fusion registration information.

If the copy of FireDaemon Fusion is registered, the registrant’s name is displayed on this page.

The license name and serial number can be updated here.

Notifications

There is one option in this area: “Check for Updates”, which checks the FireDaemon Fusion website daily for updates. This setting is enabled by default.

6.7.System Information

Last updated on August 13, 2018
Full

The System Information section shows the basic information for the computer that FireDaemon Fusion is installed to. This includes information on the computer name, operating system, processor(s), memory, storage, and network connections.

The Software Summary section shows information on the FireDaemon products currently installed and the location of the installations, including their licensing status (trial or purchased).

6.8.My Account

Last updated on August 13, 2018
Full

All users, including administrators, can view and change their own settings through the My Account area of the site. Here, users can edit their name, contact information, and other settings.

Note that entering one’s password is necessary to successfully change any of these settings. If a user is changing their password, then they must enter their new password twice in the New Password fields.

In addition, all the fields are optional except for the Old Password field, which is necessary for changing any of the below settings.

Here are the fields displayed:

NameDescription
UsernameThe username assigned by the administrator. This setting is a required field and can only be changed by an administrator.
First NameThe first name of the user. Viewable only by the user and administrators.
Last NameThe last name of the user. Viewable only by the user and administrators.
Old PasswordThe user's current password. This field must be entered in order to save any changes.
PasswordThe user's new password. Only used to change or set a user's existing password. Otherwise it may be left blank.
Confirm PasswordThe new password of the user's choice, entered a second time. Only used to change or set a user's password.
TitleThe user's title within the organisation. Viewable only by the user and administrators.
E-mailThe user's email. Viewable only by the user and administrators.
Mobile NumberThe user's mobile number. Viewable only by the user and administrators.
Office NumberThe user's office number. Viewable only by the user and administrators.

7.Cross-Origin Request Sharing in Fusion

Last updated on September 28, 2018
Full
What is CORS?

Cross Origin Request Sharing (CORS) is an opt-in protocol for browsers and application servers to allow requests originating from other domains than the requested (e.g. script on jsfiddle.net requesting Fusion on localhost). CORS support allows you to easily embed the Fusion API in your application. Check out our Fiddle to see how the API works.

CORS exists to prevent CSRF (Cross Site Request Forgery), where a script can steal or modify data from another domain (e.g. script on jsfiddle.net performing a bank transaction).

CORS in Fusion

CORS support is disabled by default in FireDaemon Fusion. To enable it, visit the CORS section in the Fusion settings.

CORS is used only for the /auth and /api endpoints. CORS does not access webpage requests or static Fusion assets.

CORS preflight check is performed on the local node.

CSRF protection

CSRF detection relies on the origin header present at login time and the origin header present for request. If this is the case, then a request’s Origin is checked against the previously captured Origin. Origin check for CSRF detection relies on Origin header being sent for ajax/POST requests.

If CORS is disabled (as it is by default), Session-cookie is restricted to ‘same site’ [SameSite=lax]. The session-cookie is inaccessible by scripts [HttpOnly].

The effect of CSRF detection is that a script can’t interfere with a currently open session by a logout or fresh login, and therefore can’t fetch any data.

Browser Caveats

There are some browser caveats to using CORS. Browsers must be configured to allow third-party cookies; Chrome and Firefox usually do this by default.

Internet Explorer 11 and Firefox self-signed certificates don’t work well sometimes due to blocked network requests. We recommend using a certificate that is not self-signed if you use CORS with Internet Explorer or Firefox.

Internet Explorer 11 can support third-party cookies via the following settings:
Configuration: Internet Options > Privacy > Advanced
Check “Override automatic cookie handling”
Check “Always allow session cookies”

An alternate Internet Explorer configuration is to navigate to Internet Options > Privacy > Sites. Then allow Fusion domain to store cookies.

Yet another alternate configuration is to navigate to Internet Options > Security > Local Intranet. Add both Fusion and cross domains where prompted.

Internet Explorer is awaiting the following issue’s fix. Firefox is awaiting this issue’s fix.

8.Setting Up SSL

Last updated on August 13, 2018
Full

This guide shows you how to protect FireDaemon Fusion’s web interface with a self-signed or Certificate Authority Signed SSL certificate.

As of version 6.0, FireDaemon Fusion fully supports SSL, and SSL access is enabled by default. The passwords are stored as an AES256 hash in the Fusion configuration file. Note that unless SSL is explicitly disabled in the Fusion settings, accessing an instance of FireDaemon Fusion requires accessing the page via HTTPS.

A valid SSL certificate is required in order to use SSL with FireDaemon Fusion. This section of the users guide presents four methods of obtaining an SSL certificate: Self Signed Easy, Self Signed Hard, Let’s Encrypt, and Certificate Authority.

Notes

The easy and hard self-signed methods will display an SSL warning message whenever you view your Fusion page. If you do not want to see this warning message, then you need to buy an SSL certificate from a Certificate Authority.

If you choose to password protect your SSL .key file, please take note of the password as you will need it later in this guide. Also, don’t forget the password as there is no way to recover it if you forget it!

8.1.Self-Signed - Easy Method

Last updated on August 13, 2018
Full

The easiest way to obtain a free SSL certificate is through the site selfsignedcertificate.com. However, this method gives you limited control over your certificate details and security. These SSL certificates should only be used on development or trial machines. It should not be used on production machines.

Go to selfsignedcertificate.com.

If the machine running FireDaemon Fusion has a DNS domain name associated with its IP, then enter your domain name in the text box and click “Generate”, otherwise enter the server’s IP and click “Generate”.

Download the .key and .cert files to your desktop or somewhere else easily accessible.

8.2.Self-Signed - Harder Method

Last updated on August 13, 2018
Full

You can also generate an SSL certificate with OpenSSL. This method gives you more control over your SSL certificate’s details.

Download the latest OpenSSL version for Windows.

Open a command window (Windows key + R and type “cmd” then enter key.) and navigate to the directory containing OpenSSL. Type the following commands to generate the keys. You will need to enter a password during key creation. Replace “server” with your desired key name.

C:\OpenSSL-Win32\bin\openssl genrsa -out server.key 2048
C:\OpenSSL-Win32\bin\openssl req -new -key server.key -out server.csr -sha256
C:\OpenSSL-Win32\bin\openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

Save the .key and .cert files to your desktop or somewhere else easily accessible.

8.3.Let's Encrypt

Last updated on August 13, 2018
Full

Let’s Encrypt is a free, automated, and open certificate authority created by the Electronic Frontier Foundation. While Certbot, the recommended Let’s Encrypt client, is not fully supported in Windows, you may use other compatible clients. This guide will detail instructions using the ACMESharp shell client.

Follow the steps in the ACMESharp guide to install ACMESharp and obtain a certificate. For step 5, we recommend validating your domain via DNS (Method #3).

Once your domain has been marked as valid, you can retrieve the certificate by following the instructions in the ACMESharp guide.

Save the .key and .cert files to your desktop or somewhere else easily accessible.

8.4.Certificate Authority

Last updated on September 28, 2018
Full

Obtaining a certificate through a Certificate Authority is the best way to ensure control over your certificate’s details.

Go to a Certificate Authority such as Name Cheap. SSL certificates start at $7.95 per year.

You will need to generate a CSR (Certificate Signing Request). You can do this with OpenSSL. Download the latest OpenSSL version here.

OpenSSL may also be downloaded from the FireDaemon mirror. For details see the FireDaemon knowledge base. The advantage to downloading from the FireDaemon Mirror is that the OpenSSL version matches that of the current FireDaemon Fusion.

After downloading OpenSSL, open a command window (Windows key + R and type “cmd” then enter key). Type the following commands to generate the data, replacing “server” and “myserver” with the name of your files.

cd C:\OpenSSL-Win32\bin\
openssl genrsa -out server.key 2048
openssl req -nodes -newkey rsa:2048 -keyout myserver.key -out server.csr -sha256

Then follow the directions at whichever Certificate Authority you chose.

Once your Certificate Authority has processed your payment and created the certificate, it will be emailed to you.

Save the .key and .cert files to your desktop or somewhere else easily accessible.

8.5.Caveats and Issues

Last updated on August 14, 2018
Full

If you try and start Fusion and the port is in use, Fusion will not be able to start and you will see the following error in the Fusion debug log:

ERROR 2013-08-05 21:48:50,610 [01bb0] WebServer net::TCPServer::start - Unable to bind to port 443: bind: An attempt was made to access a socket in a way forbidden by its access permissions
INFO 2013-08-05 21:48:50,610 [01bb0] pion __stdcall SvcMain - Catched Service mode exception
FATAL 2013-08-05 21:48:50,610 [01bb0] pion __stdcall SvcMain - bind: An attempt was made to access a socket in a way forbidden by its access permissions

If the passphase is wrong you will receive a connection reset see the following error if the debug log:

DEBUG 2013-08-05 21:54:37,241 [00f9c] WebServer net::TCPServer::handleAccept - New SSL connection on port 8443
WARN 2013-08-05 21:54:37,251 [00f9c] WebServer net::TCPServer::handleSSLHandshake - SSL handshake failed on port 8443 (no shared cipher)
DEBUG 2013-08-05 21:54:37,251 [00f9c] WebServer net::TCPServer::finishConnection - Closing connection on port 8443

If the passphrase is completely missing and one is required you will get a connection denied and no errors in the event log and you might have to kill the fdfusion process.

Here’s an example of a successful connection message:

INFO 2013-08-05 22:01:43,229 [01594] WebServer net::TCPServer::start - Server IP 0.0.0.0
INFO 2013-08-05 22:01:43,229 [01594] WebServer net::TCPServer::start - Starting server on port 443
DEBUG 2013-08-05 22:01:43,229 [01594] FileService plugins::FileService::start - Starting up resource ()
DEBUG 2013-08-05 22:01:43,229 [01594] FileService plugins::FileService::start - Starting up resource (/Content)
INFO 2013-08-05 22:01:43,229 [01594] PionScheduler PionSingleServiceScheduler::startup - Starting thread scheduler
INFO 2013-08-05 22:01:43,230 [01594] pion __stdcall SvcMain - SvcMain: starting shutdown manager
DEBUG 2013-08-05 22:01:45,112 [01308] pion __stdcall SvcCtrlHandler - SvcCtrlHandler: SERVICE_CONTROL_INTERROGATE
DEBUG 2013-08-05 22:01:45,112 [01308] pion __stdcall SvcCtrlHandler - SvcCtrlHandler: call ReportSvcStatus
DEBUG 2013-08-05 22:01:45,113 [01308] pion __cdecl ReportSvcStatus - ReportSvcStatus: 4, Exit code: 0, Wait: 0
DEBUG 2013-08-05 22:02:06,367 [00dd8] WebServer net::TCPServer::handleAccept - New SSL connection on port 443
DEBUG 2013-08-05 22:02:06,985 [016e4] WebServer net::TCPServer::handleSSLHandshake - SSL handshake succeeded on port 443
DEBUG 2013-08-05 22:02:06,985 [00dd8] WebServer net::TCPServer::finishConnection - Closing connection on port 443

9.Accessing Fusion via Reverse Proxy Servers

Last updated on September 28, 2018
Full
What Is a Reverse Proxy Server?

A proxy server is a go‑between or intermediary server that forwards requests for content from multiple clients to different servers across the Internet. A reverse proxy server is a type of proxy server that typically sits behind the firewall in a private network and directs client requests to the appropriate backend server. A reverse proxy provides an additional level of abstraction and control to ensure the smooth flow of network traffic between clients and servers.

Common uses of a reverse proxy server include load balancing, web acceleration, or security and anonymity.

Fusion Configuration

FireDaemon Fusion was designed so that it can be used together with a reverse proxy server.

Nothing needs to be configured at the Fusion server side. All configuration is offloaded to the web server you are using as a reverse proxy.

The way to let Fusion know it is being used from a reverse proxy is by sending an arbitrary “virtual stem” (i.e. a prefix location) via custom HTTP header com.firedaemon.fusion-vstem. This way Fusion knows it should prefix URLs in HTTP response headers and replied HTML content with the specified custom virtual path segment.

Some other details need to be considered when configuring the reverse proxy server; please refer to your web server’s documentation.

For further documentation and a complete configuration example for the Nginx webserver please refer to the FireDaemon knowledgebase.

Suggest Edit