Algorius Net Viewer Manual | Web Server

General Information

Web Server provides access to Algorius Net Viewer servers from the app and the web interface. Web Server launches automatically on the Algorius Net Viewer server and is available at the specified address.

The address is set up in Algorius Net Viewer Server Setup, at the Web Server step.

At this step, you are required to specify the address of the current computer to access the server. The address is specified as Windows HTTP Server API address format.

Address String Format

If you want to start the Web server on a port, for example, 3234, on all network interfaces of the current computer, then specify the following address string:

  • http://+:3234/

The port number can be missed, in this case the Web server starts on the standard HTTP port (80), for example:

  • http://+/

You can set a specific URL, where the Web server will be available (in this case, access by another URL will be impossible), for example:

  • http://MyServer:3234/VirtualDir/
  • http://192.168.1.2
  • http://localhost

It is possible that the port is used by another application. In this case, you should consider, that Algorius Net Viewer Web server uses the Windows HTTP Server API. It gives possibility for many applications on a computer to listen on the same IP address and port — as long as each registers different address prefixes. For example, you can use http://MyServer/VirtualDir/, so another application would be free to listen http://MyServer. When a port is set, the host element can be replaced with '*' to specify that the Web server accepts requests sent to the port if the requested URI does not match any other registered one. For example:

  • http://*:8080/

Similarly, to specify that the Web server accepts all requests sent to a port, replace the host element with the "+" character:

  • https://+:8080

The '*' and '+' characters can be present in prefixes that include paths.

How to use HTTPS (SSL)

You can use HTTPS for encryption and secure transfer of data between the users and the server. To do this, you would need to:

  • Obtain an SSL certificate.
  • Import it into your OS.
  • Bind the certificate to your server's address.

How to get an SSL certificate

If you already have a valid certificate for a domain that supports an Algorius Net Viewer server, you can use that instead. If you don't have such a certificate, you can order one from a Certificate Authority or generate a self-signed certificate.

Note: If you decide to use a self-signed certificate, the browser — for security purposes — will display an error message upon accessing the web interface. In that case, you will need to make it trust the site's certificate. Once that's done, the browser will start displaying the web interface, but will still mark the connection as not private. Modern browsers always consider sites with self-signed certificates to be unsecure, since it means the validity of the website cannot be verified. However, the traffic will still be encrypted.

There are many ways to generate a self-signed certificate: you can use PowerShell, IIS, MakeCert, or OpenSSL. The most convenient tool for it is PowerShell. To do it, run PowerShell.exe as administrator and execute the following command:

New-SelfSignedCertificate -DnsName hostname -CertStoreLocation cert:\LocalMachine\My -NotAfter (Get-Date).AddYears(10)

Instead of hostname specify the name of the host for the Algorius Net Viewer server, for example: localhost

This command will generate a certificate with a validity period of 10 years and will instantly import it into the local storage. Once the operation's complete, the system will display the Thumbprint: a hexadecimal hash of the certificate that you'll require to bind it to the web server's address.

Note: This PowerShell command is not available on Windows 7. In this case, you can use other tools to generate a certificate, for example, OpenSSL http://www.openssl.org/ using the following commands:

# generate private key and certificate:

openssl.exe req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 3650

# export private key and the certificate to pfx format:

openssl.exe pkcs12 -inkey key.pem -in cert.pem -export -out cert.pfx

How to import the SSL certificate into the OS

If you've generated the certificate using the aforementioned PowerShell command, it will be imported into the OS automatically, so you won't need to follow these steps.

If you have a certificate you need to import into the OS, go through the following steps. Run certlm.msc, which will display the certificates of the local computer. In the left list, go to Certificates Local computerPersonalCertificates, then select ActionAll tasks Import. Enter your certificate in the PFX or P12 (private key) format and complete the import. The certificate will be displayed on the list of certificates. Check if the certificate's icon has a key. It would mean it contains a private key. Without one, you won't be able to use it for web servers. Open the certificate, go to Details and scroll down to Thumbprint. The Thumbprint is a hexadecimal hash of the certificate that you'll need to bind that certificate to the web server's address.

How to bind the SSL certificate to the web server's address

Once the certificate has been imported into the computer's storage, you can bind it to the web server's address. To do it, run PowerShell.exe as administrator and execute the following command:

netsh.exe http add sslcert hostnameport=hostname:port certhash=0000000000000000000 appid='{14DB0D50-F6DD-4E75-B424-D700351AA313}' certstorename=MY

This command is also available from the command line (cmd.exe), run with administrator rights, but the appid value must be specified without single quotes.

Instead of hostname:port specify the host name and the access port for the web server, for example: localhost:443

If you'd rather use an IP address instead of a host name, substitute the hostnameport attribute with ipport, for example: ipport=192.168.1.100:443

Substitute 0000000000000000000 with the certificate's hash. See above.

Do not change the value of the appid attribute, it is the identifier of Algorius Net Viewer Server application.

Once the certificate is successfully bound to the web server's address, during the server configuration, at the Web server step, specify the HTTPS address, such as https://localhost. At the last step of the configuration the server will be rebooted and will become accessible at the specified address.

Note: If the address already has another certificate bound to it, in order to bind a new one, you'll need to unbind the previous certificate using the following command:

Netsh http delete sslcert hostnameport=hostname:port

Web Interface

You can access Algorius Net Viewer servers via the web interface using web browsers.

To access the web interface, select Open Web Interface in the Server panel, or launch a web browser and enter the server web address.

Web interface provides the following information:

  • List of the network maps.
  • Map images allowing to navigate through map devices or other maps.
  • Descriptions of devices and lines.
  • Reports on maps, devices, monitoring and inventory.
  • Monitoring diagrams.

Due to autorefresh option with period indication it is possible to perform dynamic monitoring via Web interface, and due to active client-side caching the application creates a minimum of network traffic and ensures maximum performance.

There are following features available:

  • Authentication.
  • Search.
  • Report creation based on the one map, group of maps or all maps.
  • Data filtration in reports by different parameters.
  • Report export into different formats (Word, PDF, Excel, XML, CSV).
  • Fullscreen mode.
  • Sorting inside reports by columns.
  • Fast navigation between maps.

Web Access log

Web servers keep web interface access logs.

Web interface access logs contain information on visited pages and created reports: address, user name, packet size, duration of request processing, return code.

The logs are kept in the database and can be viewed using web access logs report.

You can also set the program to automatically remove old log records. See Logging configuration for more information.