This application connects to any domain registry that is compatible with Extensible Provisioning Protocol (EPP) version 1.0 (described by RFC 5730)
EPP web client is built on Ruby on Rails without database. All request goes strictly over EPP or REPP.
Usual Rails 4 app installation, rbenv install is under Debian system setup
Manual demo install and database setup:
# at your server
cd /home/registry
git clone https://github.com/internetee/EPP-web-client.git demo-webclient
cd demo-webclient
rbenv local 2.2.2
bundle
cp current/config/application-example.yml shared/config/application.yml # and edit it
cp config/secrets-example.yml config/secrets.yml # and generate your own key with 'rake secret'
bundle exec rake assets:precompile
Production install
# at your local machine
git clone https://github.com/internetee/EPP-web-client.git webclient
cd webclient
rbenv local 2.2.2
gem install mina # or any other deploy tool
cp config/deploy-example.rb config/deploy.rb # and edit it
mina pr setup # one time, only creates missing directories
ssh webclient
# at your server
cd webclient
# You can generate secret keys with 'bundle exec rake secret'
cp current/config/secrets-example.yml shared/config/secrets.yml # and edit it
cp current/config/application-example.yml shared/config/application.yml # and edit it
exit
# at your local machine
mina pr deploy # when using mina deploy
For Apache, epp web client goes to port 443 in production, /etc/apache2/sites-enabled/webclient.conf short example:
<VirtualHost *:443>
ServerName webclient.example.com
ServerAdmin admin@example.com
PassengerRoot /usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini
PassengerRuby /home/registry/.rbenv/shims/ruby
PassengerEnabled on
PassengerMinInstances 1
PassengerMaxPoolSize 10
PassengerPoolIdleTime 0
PassengerMaxRequests 1000
RailsEnv production
DocumentRoot /home/registry/webclient/current/public
# Possible values include: debug, info, notice, warn, error, crit,
LogLevel info
ErrorLog /var/log/apache2/webclient.error.log
CustomLog /var/log/apache2/webclient.access.log combined
SSLEngine On
SSLCertificateFile /etc/ssl/certs/your.crt
SSLCertificateKeyFile /etc/ssl/private/your.key
SSLCertificateChainFile /etc/ssl/certs/your-chain-fail.pem
SSLCACertificateFile /etc/ssl/certs/ca.pem
SSLCARevocationFile /home/registry/registry/shared/ca/crl/crl.pem
# Uncomment this when upgrading to apache 2.4:
# SSLCARevocationCheck chain
SSLProtocol TLSv1
SSLHonorCipherOrder On
SSLCipherSuite RC4-SHA:HIGH:!ADH
<Directory /home/registry/webclient/current/public>
# comment out if Apache 2.4 or newer
Allow from all
# uncomment if Apache 2.4 or newer
# Require all granted
Options -MultiViews
</Directory>
SSLVerifyClient none
SSLVerifyDepth 1
SSLCACertificateFile /home/registry/registry/shared/ca/certs/ca.crt.pem
RequestHeader set SSL_CLIENT_S_DN_CN ""
<Location /sessions>
SSLVerifyClient require
RequestHeader set SSL_CLIENT_S_DN_CN "%{SSL_CLIENT_S_DN_CN}s"
</Location>
</VirtualHost>