Design new app architecture for testability, expansion, cross platform

[webprofusion-chrisc]

For the next major version of the app it would be desirable for:

• core functionality (and ideally UI) to be unit testable. This requires refactoring of concrete dependencies to allow for mock services etc.
• support for multiple domain validation processes (http-01, DNS, https, other future methods)
• support for sites in IIS, apache, nginx or other webserver types
• a possible move to Xamarin.Forms based UI to support other environments
• an update-able windows service for core request/renewal tasks, reporting (failure notifications etc) and potentially to manage cross-thread access to shared resources (artifact stores)

[Marcus-L]

If you're going to go through the trouble of creating a totally new CertifyTheWeb, I'd suggest an alternate future:

• Move to web-dashboard/agent model
  • Agent (local service)
  • Agent should somehow securely register with the Dashboard (either from CLI or during agent installation) - either PSK or X509 to authenticate
  • Agent maintains a persistent connection (Websocket? AWS IoT?) to the Dashboard
  • Agent handles running pre/post-request scripts (as directed by Dashboard config)
  • Migrate Cert-storage & IIS-management code to a plugin on Agent
  • Agent could slowly handle other web servers with future server-specific plugins (nginx, apache, etc), and other platforms (linux, OSX) via platform-specific agents. Maybe re-use certbot for that functionality?
  • Dashboard (web)
  • Control agents via the persistent connections (or AWS IoT MQTT)
  • Migrate Secret/Key-management (incl. contact registration) code to Dashboard
    • allow ACMESharp vault imports (and maybe certbot config stores?)
  • Migrate renewal scheduling code to Dashboard
  • New features
    • show list of all registered servers and services/websites (i.e. IIS, nginx, apache, etc)
    • show periodic uptime & certificate validity checks
    • confirm correct cert installation after renewal completed
    • auto-alert emailing for uptime/cert-validity/cert-renewal errors

It'd seem like too much work to do for free (?), but maybe you could keep just the agent open source, and offer the Dashboard as a SaaS product (with same free tier as currently exists).

[webprofusion-chrisc]

Hi Marcus,

Thanks for taking the time to ponder this, and yes I agree. If you knew how much of these ideas I already have dotted around my Evernote, you'd actually laugh, then'd you'd be bemused as to why I haven't done them already. The short answer is I'm time-poor (and in relative terms cash cash-poor, still waiting on that free Tesla to arrive someday).

A central dashboard has always been part of the grand plan, but as you rightly point out it's hard to imagine doing that for free. The current conversion rate for free -> paid users is about 0.03%, and perhaps providing a dashboard would convert a few more users to a subscription, but I can't make any significant cash bets. That said, it's pretty clear that's the direction this should go on.

I spent most of last year and some of this year on a commercial project to build a client dashboard for IT services, it included:

• A fancy PWA UI (Ionic 2 , Angular 2+)
• Client and Server APIs (Dotnet Core, with SQL Server)
• A server agent (perform/report Powershell tasks as part of user service requests)
• A desktop client (notifications, reporting)

So the idea of doing the Certify dashboard has been there for a long time, but it's clear from prior experience how much work that really involves (prototype = one week, MVP real thing = a few months, mature end-to-end product = 2 yrs). So it hasn't been started, and yes supporting agents on non-windows OS is clearly something it should have.

I believe there should always be a free tier desktop client - which would be split into GUI and windows service (with the service doing all the real work). Some users just need to manage a single server and ultimately the core purpose is to make it very easy. For sysadmins with complex scenarios scripting/command line tools will likely always be the favoured option. That said, the dashboard could offer them a bit more visibility for their existing systems (not managed by Certify).

Long term I think some users would benefit more from using paid certificate service rather than relying on Let's Encrypt, so offering support for non-LE based CA's is also a thing to consider. Hopefully some will adopt the ACME v2 API, which would open that up. A dashboard reporting on overall mix/status of certs in use would be pretty useful for most organisations (I'm sure such products already exist).

The only part I'm not sure about concerns security. I'm a firm believer in the principle that you must assume your service will eventually be compromised. For that reason I'm cautious about allowing the server to specify scripting actions on the agent side, and about the private key storage. If we assumed someone temporarily got my Azure/AWS credentials, or managed to redirect DNS for certifytheweb.com, the potential impact must be minimal.

[webprofusion-chrisc]

Regarding the split of the app into GUI and a (windows) service. The conventional approach (at least in enterprise stuff) is to make the service a self hosted WCF service, but looking forwards .net core doesn't do WCF on the server side any more.

So I'm thinking the service would be a self hosted .net web api that the GUI talks to. Open to other well established approaches.

Considerations include:

• prevent unwanted remote control if someone leaves the port open etc.
• perhaps in the future you'd want the option to connect from one GUI to multiple servers from known IP ranges.
• self updating or does the installer remain the point of control for updates

[webprofusion-chrisc]

Closing. Main part around splitting GUI into service/UI has been completed. Support for other platforms is a different discussion.