Wiki - Print Server

Compatibility

Objective

Steps

The steps will be the same for each platform, however, the way you regenerate the certificate and install it on the client will vary.

  1. Install QZ Tray
  2. Connect to QZ Tray
  3. Re-run the certificate generation
  4. Move certificates/files to the client
  5. Install qz-tray.crt on the client
  6. Verify secure connection

Install QZ Tray

Install QZ Tray 1.9.5 or higher onto the server via the desktop installer. Refer to this guide if unsure how to do this.

Connect to QZ Tray

By default, the deployQZ(); and qz.websocket.connect(); functions are bound to localhost. This can be overridden.

Note:foo.bar is the hostname of the server.

2.0

1.9

That's it! At this point, an HTTP connection can be made from a client to the server running QZ Tray. The steps below illustrate how to establish an HTTPS connection.

Remove Localhost Bindings

Optional Step: The steps provided in this section illustrate how to create a certificate for a secure (HTTPS) connection. A connection can be made over HTTP.

For secure websockets support (HTTPS), QZ Tray generates a certificate for localhost traffic at install time called qz-tray.crt. In order for QZ Tray to run on a separate machine, the hostname (usually "localhost") must exist in the certificate. This is an override which is done by running a custom script.

Optional: Organizations wishing to use a Trusted CA SSL certificate can do so by manually shimming it into the software.

  1. Re-run the certificate generation ("foo.bar" is the hostname that QZ Tray will run on)

    Note: This will re-generate the qz-tray.properties, qz-tray.crt and qz-tray.jks

    Note: If you require Firefox HTTPS support, Firefox needs to be installed prior to this step.

  2. Restart QZ Tray. This must be done every time you regenerate a certificate.

    Windows

    Open a command prompt as an administrator and run the following commands:

    REM Regenerate the certificate
    cd "%PROGRAMFILES%\QZ Tray\"
    cscript auth\windows-keygen.js . install "foo.bar"

    image

    Linux

    # Reinstall completely with specified hostname
    sudo qz-tray-1.9.x.run -- -y "foo.bar"

    Mac

    # Regenerate the certificate
    sudo /Applications/QZ\ Tray.app/auth/apple-keygen.sh install "foo.bar"
    
    # Optionally, regenerate the Firefox configuration files
    sudo /Applications/QZ\ Tray.app/auth/firefox/firefox-cert.sh install "foo.bar"

Copy Files to Client

  1. Copy qz-tray.crt from the server's QZ Tray installation directory to the client

    Note: Linux stores this in /opt/qz-tray/

  2. Copy the demo folder for testing (located in QZ Tray\demo) from QZ Tray to the client.

  3. Optionally, if Firefox support is needed, copy the following files from the Firefox installation directory:

    • These may be located in C:\Program Files (x86)\Mozilla Firefox\
      • defaults/pref/firefox-prefs.js
      • firefox-config.cfg

    Note: If unsure of the location of these files on your system install QZ Tray on a test system and search for them by name. They are both created by QZ Tray and can safely be overwritten.

Certificate Installation

Certificate installation varies between browsers and platforms. Distributing a certificate marked for a custom hostname is a manual process which much be done on all workstations requiring HTTPS + QZ Tray.

  1. Install qz-tray.crt into Trusted Root Certificates

    Windows

    • Double click qz-tray.crt

    • Click Install Certificate

    • Local Machine, Next

    • Choose "Trust Root Certificate Authorities" and hit Next

      image

    • Click Finish. If successful, the following screen will appear:

      image

    Linux

    • Run the following command to install the certificate

      certutil -d sql:$HOME/.pki/nssdb -A -t TC -n  "QZ Industries, LLC" -i /path/to/qz-tray.crt

    Mac

    • Double click qz-tray.crt

    • Choose System, Add

      image

  2. Import Firefox certificates Firefox does not allow self-signed certificates to be imported directly, instead a manual import process is needed.

    • Overlay the existing Firefox files with the ones transferred over from the server.

      defaults/pref/firefox-prefs.js
      firefox-config.cfg
      
    • Again, these may be located in C:\Program Files (x86)\Mozilla Firefox\

Verify Secure Connection

  1. Open sample.html in a browser

  2. Right Click, Inspect Element on the sample page

  3. Click the Console tab

  4. Verify the secure websocket connection to 8181 succeeds. If a connection is made on a different port, reference the table below

    Secure (HTTPS) Insecure (HTTP)
    8181 8182
    8282 8283
    8383 8384
    8484 8485

    Note: If HTTPS still fails, or you are experiencing long timeouts before a connection is made, a firewall may be blocking the connection. Try disabling the firewall, or allowing the port on the server.

    image

Edit this page