Skip to main content

Ports, Network requirements, SSL configuration

The Q-net v7 system is entirely web-based. Browser clients connect through a WebSocket connection. Embedded web server handles the incoming requests. Besides the browser requests, the application is also handling some hardware elements through the network. This task is performed by the so called "Device Controller" service. This device controller included in the server - for simple, one branch installations, and they are also existing on every ticket dispenser, media player, etc.

Ports

By default the server http communication is working on port TCP 3000, however it is more safe to use https communication with SSL certificate installed. In this case the default https port is TCP 443.

The external device controller are using the (TCP3000 by default) port to establish connection to the server. They are also opening a port (default value TCP 8000) for the connection of SD20 communication boxes.

Network requirements

For the proper functioning of the system, it is necessary to ensure the operation of the mentioned ports on every firewall, router, load balancer, etc. involved in the communication.

In most cases, the system uses REST calls to minimize network traffic as much as possible. However, for the desired user experience, it is important that the network response time must be low between the server and clients.

SSL config

The modern browsers are requring https connections. Without it some features (pop-up window, notification, sound alert) might not work.

The Q-net v7 system supports https protocol via different SSL configurations. This configuration can be set in the application.yml file (default location is c:\Program Files\Q-net\Pro 7\conf).

Open this yml file in any text editor to set up the SSL configuration. Use "open as administrator" option to be able to save the file to its original location. To enable an option remove the "#" sign from the beginning of the line.

The system supports 3 different SSL configurations:

  • "Self-signed": If this option enabled the certificate files will be generated automatically, and it allows https connection. The browsers will still show unsecure connection, but the features which requires https connection should work. However it can be changed because the browsers are using more and more strict rules with the newer versions.

  • "Keystore": With the help of KeyStore Explorer you need to create a new Keystore.

    or if there is an existing SSL certificate available – you would need to import it:

    If there isn’t any available SSL certificate you would need to create one:

    SAVE the JKS Keystore file. While saving the file it will ask for a password two times. The two password needs to be the same. The first password is for the keypair and the second one is for the keystore file. This needs to be given in the config as “password” parameter, while the "keystore" parameter should contain the path of the created keystore file.

  • "Cert": Enable this option if you have valid certificate for the domain of the Q-net 7 server. At the parameters you'll need to enter the location of the ssl key file and the certificate file. Also it might be necessary to use a passphrase for the certificate, in this case add a "password" parameter line.

Besides the certificate settings it is also necessary to change the communication port, from the default TCP 3000 to the standard https port, TC 443. This can be done also in the application.yml file as below:

After saving all the settings in the application.yml file start / restart the Q-net Pro 7 service. Now the system start page can be opened via a secure SSL connection: https://servername/