Technical Specifications maestro*MOBILE

Printable document

Objective

This document consolidates the various components or recommended configurations to run the maestro*MOBILE application in an optimal manner. It must be provided to your technician in order for him to be properly informed and validate the required configurations.

If you have questions, you can reach our technicians by contacting the Software Support Department by one of the following options:

  • by phone, at 514-990-1897 or toll-free at 1-877-833-1897;
  • by email at support@maestro.ca.

 

Summary

To quickly access a topic, click on one of the following hyperlinks:

 

Installation Prerequisites

General Prerequisite

It is important that the version of maestro* is the same as the version of the installed mobile application. The two products must also be updated at the same time.

 

Server Environment

  • IIS 7.5 or higher (present on Windows 2012 R2 (or higher) or Windows 10 (or higher) allowing access by Internet (http and https); this server must be able to communicate with the maestro* server;
  • Microsoft .NET 4.8;
  • Static IP address / External DNS address for the IIS server.

 

Client Environment

The mobile application is tested and functions optimally on the following devices:

  • iOS – The current version or the version just before;
  • Android – The current version or two versions just before;
 

The application works and is tested on devices, regardless of operating system, with a minimum screen size of 4” (diagonal). If the device shows minor display problems, in this case, contact Maestro to request that we correct these situations.

 

Display Settings

iOS

Maestro*MOBILE can be obtained from a Web browser by typing the URL address from which your mobile instance is called in the search field. However, the application is displayed as a Web site and the status and navigation bars are limiting the maestro*MOBILE content. In order to mask those bars and access the application from an icon on the homepage, perform the following steps:

  1. Access to maestro*MOBILE from the Web browser of your device.
  2. Tap on the icon in order to display a menu and some additional icons.
  3. Tap on the icon .

Important de faire ça avec Safari

Maestro*MOBILE is now accessible from the homepage of the device and is shown as a new icon .

 

iOS update

When an iOS update is performed, error messages can be displayed in the application or during its launch. It is required to delete the maestro*MOBILE icon on the device’s homepage. The user must access the application from a Web browser and add again the icon on the homepage, as described previously.

 

Recommendations for Technicians

Hosting

The maestro*MOBILE service must imperatively be hosted on your own servers. Maestro*MOBILE can be installed directly on your maestro* DATA server or on another server in the same network.

 

Address

Generally, the mobile application will be accessible from two IP addresses.

  • First, the internal IP address that the internal network server uses (Intranet).
  • Secondly, the external IP address accessible from the Internet that exposes the external router or the firewall machine and that redirects calls to the mobile server.

Example:

Internal Address = 192.168.1.101

External Address = 24.224.1.196

 

Router / Firewall

Your router/firewall must be configured to allow external access to maestro*MOBILE:

  • This configuration allows external mobile requests to reach the server where maestro*MOBILE is installed;
  • This configuration should be prepared by your IT service.

If this configuration is not achieved, maestro*MOBILE won’t be accessible outside of your office.

Vew sections Ports and DMZ.

 

DNS

Instead of accessing the application with the IP address of the internal machine or with the external IP address, it is recommended to create a DNS alias for the application to be easily accessible, regardless of the location of the calls.

Example:

Internal DNS (Infra intranet) = maestro.client.com that points to 192.168.1.101

External DNS (Domaine management) = maestro.client.com that points to 24.224.1.196

 

Ports

Web applications such as the maestro*MOBILE application use the port 443 by default. However, it is possible to use other ports if the infrastructure or the needs are particular.

It is possible to change these settings during the installation of the application or directly in the server’s IIS console.

The communication ports between the maestro* and mobile servers must also be opened, as stated in the DMZ section.

 

Web Site

Scenario 1: Create a new Web site

During the installation, it will be possible to directly create a new Web site. It must specify a port available on the machine. By creating a new site, the application will be directly accessible at the root.

Example : Create a new Web site on port 443

The application will be accessible from the address: https://maestro.client.com

Scenario 2: Install on an existing site

It is possible to install the application on an already existing site. To do so, you must select the desired site during the installation.

Example: Use an existing site that is on port 443

The application will be accessible from the address: https://maestro.client.com/maestro

 

DMZ

Although it is possible to install the mobile server on the maestro* server, it is recommended that the mobile server should be placed in a DMZ. The Web server displaying the mobile application on the Internet communicates on the internal network by secure ports and gives access to maestro*'s data (port 15001 for mobile services, port 1583 for maestro* in Pervasive mode, or port 1433 for maestro* in MS SQL mode). This ensures that the maestro* server is not directly exposed on Internet and reduces the potential attacks on the internal infrastructure.

 

SSL

If the option for the creation of Web sites has been selected during installation, the process configures a Web site in IIS which is configured as just HTTP. It is a good practice to expose the public web sites in HTTPS so that exchanges between the server and the mobile devices are secure. You must install a certificate in IIS to activate the binding HTTPS on the site. Here are the details for the configuration.

 

Secure Mode Activation

The use of HTTPS secure mode is strongly recommended.

 

HTTPS

Install a certification in IIS 7.5
  1. Click on Start, then Administrative Tools, and then on Internet Information Services (IIS) Manager.
  2. Click on the server name.
  3. From the center menu, double-click on the Server Certificates button in the Security section (it is near the bottom of the menu).

  1. Next, from the Actions menu (on the right), click on Create Certificate Request. This will open the Request Certificate wizard.

  1. In the Distinguished Name Properties window, enter the information as follows:

Field

Description

Common Name

The name through which the certificate will be accessed (usually the fully-qualified domain name, ex: www.domain.com or mail.domain.com).

Organization

The legally registered name of your organization/company.

Organizational Unit

The name of your department within the organization (frequently this entry will be listed as "IT," "Web Security," or is simply left blank).

City/Locality

The city in which your organization is located.

State/Province

The state / province in which your organization is located.

Country/Region

Canada or United States.

 

  1. Click on Next.
  2. In the Cryptographic Service Provider Properties window, leave both settings at their defaults (Microsoft RSA SChannel and 4096) and then click Next.

  1. Enter a filename for your CSR file.
 

It is important to make note of the filename that you choose and the location to which you save it. You will need to open this file as a text file and copy the entire body of it (including the Begin and End Certificate Request tags) into the online order process when prompted.

  1. Open this file in a text editor, like Notepad or WordPad, copy the entire contents of this file and copy it to your computer’s clipboard.
  2. Choose an online SSL certificate provider such as GoDaddy, Thawte, Verisign or other. Create a certificate request with the information in your clipboard. Please follow the procedure given by the provider of your choice. The whole process can take a few minutes to a few days depending of the chosen provider and the type of certificate selected.
  3. Once the certificate issuing process is finished and you receive the certificate confirmation, go back to the Internet Information Services (IIS) Manager in the Administrative Tools.
  4. Click on the server name.
  5. From the center menu, double-click the Server Certificates button in the Security section (it is near the bottom of the menu).

  1. From the Actions menu (on the right), click on Complete Certificate Request. This will open the Complete Certificate Request wizard.

  1. Browse to the certificate file that you received from your provider. You will then be required to enter a friendly name. The friendly name is not part of the certificate itself, but is used by the
  2. Clicking OK, will install the certificate on the server.
 

There is a known issue in IIS 7 giving the following error: "Cannot find the certificate request associated with this certificate file. A certificate request must be completed on the computer where it was created." You may also receive a message stating "ASN1 bad tag value met". If this is the same server that you generated the CSR on then, in most cases, the certificate is actually installed. Simply cancel the dialog and press F5 to refresh the list of server certificates. If the new certificate is now in the list, you can continue with the next step. If it is not in the list, you will need to reissue your certificate using a new CSR.
  1. Once the SSL certificate has been successfully installed to the server, you will need to assign that certificate to the appropriate website using IIS
  2. From the Connections menu in the main Internet Information Services (IIS) Manager window, select the name of the server to which the certificate was installed.
  3. In the Sites section, select the site to be secured with SSL.
  4. From the Actions menu (on the right), click on Bindings. This will open the Site Bindings window.

  1. In the Site Bindings window, click Add... This will open the Add Site Binding window.

  1. Under Type, choose https. The IP address should be the IP address of the site or All Unassigned, and the Port over which traffic will be secured by SSL is usually 443. The SSL Certificate field should specify the certificate that was installed in step 15.

  1. Click on OK.

  1. Your SSL certificate is now installed, and the website is configured to accept secure connections.

 

Procedure for the Initial Installation

The package must be copied onto the Web server.

Required information to complete the installation:

  • Internal IP Address (DNS if used)
  • External IP Address (DNS if used)
  • Port
  • Maestro* Pervasive server Address

 

A. Create a Web Server

  1. In the Server Manager, click on Add roles and features.

  1. At the Before you begin wizard window, click on the Next button.

  1. In the Select installation type section, chose the Role-base or feature-based installation option and then click on the Next button.

  1. In the Select destination server section, chose the Select a server from the server pool option and then click on the Next button.

  1. In the Select server roles section, select the Web Server (IIS) option.

  1. In the Add features that are required for Web Server (IIS)? window that appears, click on Add Features.

  1. Back in the Select server roles section, click on Next.

  1. In the Select features section, click on .Net Framework 4.8 Features, and then on ASP.NET 4.8. Click on Next.

  1. At the Web Server Role (IIS) function, click on Next.

  1. At the Select role services function, ensure that the options Web Server, Common HTTP Features and Static Content are checked.

  1. Still in the Select role services section, slide the scroll bar to the Application Development option, select it, and then check the ASP.NET 4.5 option.

  1. In the Add features that are required for ASP.NET 4.5? window that appears, click Add Features.

  1. Back in the Select role services section, click on Next.

  1. In the Confirm installation selections section, click on Install.

  1. In the Installation progress section, click on Close.

 

B. Install the Mobile Application

The maestro*MOBILE installation must be performed by a qualified Maestro Technologies technician. Please communicate with the Software Support Department to request the assistance of a technician.

 

C. Update the Mobile Application

  • If maestro*MOBILE is installed on the data server, simply update maestro* using the normal procedure; maestro*MOBILE will automatically be updated.
  • If maestro*MOBILE is installed on a different server, but on which the maestro* client is also installed, simply launch maestro* and the update will begin. Once the update begin, just follow the displayed instructions.
  • If maestro*MOBILE is installed on a separate server, start by updating maestro* on the data server.

Then copy on the maestro*MOBILE server the same kit used to update the maestro* server and launch it. The mobile update will begin; simply follow the displayed instructions.

 

Validation of the Installation

Once the application has been installed, validate the installation by accessing it through a browser.

  1. Depending on the type of installation, access the application in Google Chrome by entering the address of your website for maestro*MOBILE.

  2. Enter a maestro* user and password to confirm that the installation is successful.
    If the configuration screen appears, the application is functional.
  3. To perform a diagnosis in case of error:
    1. In Google Chrome, go to the developers options (F12) and then select the Network tab.
    2. Press the Login button to see the server call appear.
    3. Diagnose the error by double-clicking on the message.

 

Last modification: September 19, 2024