Enable HTTPS in the LEADTOOLS Web Scanning Host Demonstration

Posted on 2016-05-17 by Hadi

UPDATE

While most features in LEADTOOLS are backwards-compatible and older how-tos still apply in newer versions, the features discussed in this post have changed significantly in Version 20. Please refer to the following forum post for an updated version of this tutorial:

https://www.leadtools.com/support/forum/posts/t12633-HOW-TO–Enable-HTTPS-in-the-LEADTOOLS-Web-Scanning-Host

Overview

HTTPS (HTTP over SSL/TLS) security is a requirement for many web applications. When properly implemented, HTTPS ensures that the traffic received was really sent from the expected endpoint, protecting the client and server. When a web application is secured via HTTPS, all resources, including web services, must also be secure. Fortunately, HTTPS support is practically ubiquitous and most of the plumbing is already in place. However, HTTPS requires a machine-specific certificate, which is why HTTPS is not enabled in the LEADTOOLS Web Scanning Host demonstration by default.

Web Scanning Host

The LEADTOOLS Web Scanning Host bridges the gap between the browser and client’s desktop. TWAIN is a messaging protocol that relies on a window handle as a target. This means that TWAIN scanners are not available in JavaScript or Silverlight. This is an obvious problem for web developers. A WCF service class can be self-hosted and used as a proxy to cross this boundary. The LEADTOOLS Web Scanning Host demonstration is a self-hosted WCF implementation with CORS and HTTPS support.

The project can be found in the LEADTOOLS installation folder: “C:\LEADTOOLS 19\Examples\DotNet\CS\Leadtools.WebScanning.Host”

In addition to the Web Scanning Host demonstration, LEADTOOLS includes a web scanning demonstration with HTML and TypeScript source code. It may be found in this folder: “C:\LEADTOOLS 19\Examples\JS\Documents\ScanningDemo”

Objectives

Enable HTTPS support in the LEADTOOLS Web Scanning Host demonstration application, so the services can be accessed from secure web applications such as Microsoft Dynamics CRM.

Get LEADTOOLS 19

The first step is to install LEADTOOLS and get a development license. If you just want to test without purchasing a development license, you can register to get a time-limited, but fully-functional evaluation development license. Register for the LEADTOOLS Evaluation SDK for Windows to get an evaluation development license emailed to the address you register. The Main Evaluation SDK also includes the projects and LEADTOOLS binaries that are required to complete this project.

Add HTTPS Support to the Host

Adding HTTPS support to the web scanning host does not require any source code changes. To enable HTTPS support, you need to modify the conditional compilation symbols in the project’s build settings to include HTTPS_SUPPORT.

Once HTTPS_SUPPORT has been defined, the next step is to purchase or create an SSL certificate that can be used to encrypt the traffic between the client and service. There are at least three ways to get an SSL certificate, each with pros and cons.

  • Create a self-signed certificate to be used as a trusted root certificate and create a host certificate using the trusted self-signed certificate. This is the easiest for developers to do. The drawback is that the certificate is only trusted on the machine the certificate is created. This means that the web application calling the service will only work on that computer. However, for development and internal deployments, it is hard to beat the cost (nothing).
  • Create a certificate signed by an internal or domain Certificate Authority (CA). These certificates are usually trusted across the domain, but the IT department might need to be involved and it is possible that your organization does not have an internal CA. Still, each client that will be running the host will need a machine-specific SSL certificate, but it could allow users to share a scanner.
  • Purchase an SSL certificate from an external trusted authority such as Symantec (VeriSign), Thawte, or GoDaddy. This has the same benefits as a domain certificate, but does not require a domain certificate authority. The drawback is that this is the most expensive option, which could be prohibitive.

There are many resources on the Internet that explain each of the options described above in more detail. No matter which certificate option chosen, steps 4-7 of the instructions below will be the same.

For the purposes of demonstrating the Web Scanning Host, the steps to create, store, and bind a self-signed certificate follow. The tools used are MakeCert.exe, MMC or CertUtil.exe, and netsh.

  1. Start an elevated (run as administrator) Visual Studio 2012 (or newer) command prompt. The version of MakeCert.exe is very important as discussed in the “MakeCert Hell” post. As long as a Visual Studio 2012 or new command prompt is used, the MakeCert version will be correct.
  2. makecert-authority
    Use MakeCert.exe to create a self-signed root certificate that can be used as a Certificate Authority.
    
^
makecert -sv SignRoot.pvk -cy authority -r signroot.cer ^
-a sha256 -n "CN=Dev Certification Authority" -ss root ^
-sr localmachine
    This will display a message box asking to set a password. Click the None button.
  3. makecert-endpoint
    Use MakeCert.exe to create an endpoint certificate for HTTPS communication. The host name in the certificate must match the host used to call the self-hosted service. In this example, the loopback address of 127.0.0.1 is used as the host name.
    
^
makecert -iv SignRoot.pvk -ic signroot.cer -a sha256 ^
-cy end -pe -n CN="127.0.0.1" -eku 1.3.6.1.5.5.7.3.1 ^
-ss my -sr localmachine -sky exchange ^
-sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12
  4. mmc-certificates
    Netsh is used to bind the certificate to a specific IP, port, and application. The certificate thumbprint (hash) is used to identify the certificate.

    The thumbprint can be manually retrieved by running MMC and adding the certificate add-in for the Local Computer account. Double-click the certificate, go to the Details tab, select Thumbprint, highlight the value and press Ctrl + C to copy.

    get_hash-batch
    Alternatively, you can create a simple batch file to use certutil.exe to get the thumbprint:
    
@echo off
for /F "delims=: tokens=2" %%a in ('certutil -store -silent my 127.0.0.1 ^| findstr /B "Cert Hash(sha1):"') do set _hash=%%a
set _hash=%_hash: =%
echo %_hash%
  5. An application id is also required by netsh to identify the application. That is the service host’s assembly GUID and can be found in the AssemblyInfo.cs file of the service project.
    
// The following GUID is for the ID of the typelib 
// if this project is exposed to COM
[assembly: Guid("813dfac6-3868-4e87-87de-f3d7c5572068")]
  6. Call netsh to bind the certificate for SSL on the correct IP, port, and application.
    
^
netsh http add sslcert ipport=0.0.0.0:443 ^ 
certhash=ff9a8ebcaf68797eff36f8ae9b0739a288292f50 ^ 
appid={813dfac6-3868-4e87-87de-f3d7c5572068}
    Replace the certhash and appid with your values. The binding may be verified by running the following command:
    
netsh http show sslcert ipport=0.0.0.0:443
    Put all of these together into a batch file and you have a simple way to create a self-signed certificate and bind it to the IP and application.

Conclusion

Enabling HTTPS support is an important first step in bridging the gap between secured browser applications such as Dynamics CRM and the desktop. However, HTTPS is not enabled by default because a machine-specific certificate is required to encrypt the connection. Fortunately, the steps required can be done easily and without the need to purchase a certificate.

Support

Need help getting this sample up and going? Contact our support team for free technical support! For pricing or licensing questions, you can contact our sales team (sales@leadtools.com) or call us at 704-332-5532.

Posted in Document Imaging, General Imaging | Tagged , | Leave a comment

OCR Features Video

Posted on 2016-05-09 by Hadi

Today, we published a new video that highlights some of the LEADTOOLS OCR SDK features that set it apart from the competition. Thousands of developers rely on the LEADTOOLS OCR SDK to create enterprise-level OCR, forms processing, MICR, and OMR solutions. Watch the LEADTOOLS OCR SDK features video to see why.

We hope you enjoy the video. If there are any specific LEADTOOLS features you want to see highlighted on our YouTube channel, please let us know!

Posted in OCR | Tagged , , , | Leave a comment

New Imaging Technology for Java Programmers

Posted on 2016-04-28 by Hadi

Last week we touched briefly on the new Java libraries in our post about the latest Document Imaging features for Linux in LEADTOOLS. Today we’ll take a closer look at what the LEADTOOLS April update has for Java programmers as a whole, because it extends far beyond just Linux and document imaging.

The recent LEADTOOLS Version 19 update added far-reaching Java support for both Windows and Linux operating systems. These new, highly-requested imaging libraries for Java include functionality for nearly all markets and imaging technologies that LEADTOOLS is known for:

  • Viewers
  • Image formats
  • Compression
  • Image processing
  • Document Viewer and Converter
  • OCR
  • Barcode
  • Annotations
  • DICOM

With Java comfortably holding one of the top spots in the world among programming languages, there are bound to be a huge number of developers and project managers ready and searching for ways to add imaging technology to their existing applications. This much is true from our conversations with customers looking for OCR, barcode, image conversion, and the like. We are happy to fill that need for the many Java development shops out there.

Also, Java developers working on new projects will be ready to create just about any application their clients might need on Linux and Windows. These new libraries closely resemble their .NET counterparts, which means if your goal is to port an existing application to the Java platform, you’ll have a fairly smooth transition.

Click here to learn more about LEADTOOLS Imaging Technology for Java.

Posted in News | Tagged , , , , , , , , , , , , | Leave a comment

Medical and Web Technology: Perfect Match with LEADTOOLS

Posted on 2016-04-26 by Hadi

At first glance, medical imaging technology and web may appear to be incompatible technologies because of non-standard medical-image bit depths and the huge amount of data associated with even just one DICOM dataset. However, as demonstrated with this last release, the engineers at LEAD Technologies continue to develop frameworks, technologies and algorithms that provide HTML5 developers tools to work with medical images over the wire, while still ensuring great UX for their users.

With input from numerous customer requests, structured display, templates and custom layouts have been added to the HTML5 Medical Viewer. With these features, the end-user can design custom display templates choosing from three ways to arrange series images: sequentially, DICOM instance number or custom alternative with JavaScript. Users can save the templates to a LEADTOOLS storage server as a DICOM structured display dataset; the LEADTOOLS Medical Viewer will use this to render series.

Besides adding new features, LEAD Technologies continues to refine the HTML5 Medical Viewer and related services with load, window-level, image processing and animation optimizations. Faster window-leveling opens the door to window-level even higher resolution images than were possible before. Other enhancements include better spy-glass support and support to load all types of images such as CT, MR, and MG.

At the core of many of these enhancements is the new multi-resolution and tiled image (MRTI) technology, which optimizes the delivery of large, extremely high-resolution images. MRTI intelligently serves a portion and resolution of the image based on the specific client request. This saves bandwidth, reduces memory requirements and improves the overall efficiency of the entire system.

To expand interoperability support with other PACS systems, LEAD Technologies now provides WADO-URI, WADO-WS, WADO-RS, STOW-RS and QIDO-R DICOMweb services that interface with LEADTOOLS PACS. These services conform to the latest version (2015c) of the DICOM PS3.18 specification. The source code for the services is available with LEADTOOLS PACS Imaging and LEADTOOLS Medical Imaging Suite products.

The healthcare industry remains an important vertical market for LEAD Technologies. We will continue to innovate, enhance, and extend LEADTOOLS to provide the highest quality and most complete DICOM and medical-imaging SDKs available. For more information, contact sales@leadtools.com.

Posted in News | Tagged , , , , , , , , , | Leave a comment

LEADTOOLS for Linux – Document Features and Java

Posted on 2016-04-21 by Hadi

There are many reasons why Linux administrators are die-hard fans, and Linux will remain a viable option to host services for many years to come. Recognizing the many benefits of Linux, LEAD Technologies has released a major update to its LEADTOOLS for Linux offering, which is available in its LEADTOOLS Document and Medical product families. With these features now available, Linux developers and administrators can leverage LEAD Technologies’ years of experience to build and host modular, enterprise document services on secure and stable Linux servers.

The LEADTOOLS Document Viewer services can now be hosted on Linux as Java services. The LEADTOOLS Document Viewer includes rich document-viewing features such as text search, annotation, memory-efficient paging, inertial scrolling and vector display of files such as PDF, SVG, DOCX and DWG/DXF in HTML5 applications.

LEADTOOLS Document Writers create PDF, PDF/A, DOCX, RTF, TEXT and ALTOXML from SVG input. Other technologies within LEADTOOLS that create SVG, such as OCR, can leverage the Document Writers to save these document formats. This makes Linux the perfect platform to host enterprise OCR services to convert images to searchable and editable document formats.

LEADTOOLS Document Converter technology is now available for Linux to create powerful, automated document conversion, archival and delivery systems. Under the hood, LEADTOOLS Document Converter technology uses a combination of raster, OCR and Document Writers technologies to convert images and documents to PDF, PDF/A, DOCX, RTF, TEXT and SVG.

TWAIN remains the standard to acquire images from devices for Windows. Unfortunately, manufacturers have not taken up the mantle to provide these drivers for Linux. To work-around this limitation the Linux community has adopted the open-source SANE framework and has started creating SANE backends for many image capture devices. Recognizing that image capture is a requirement for complete document workflow, LEADTOOLS provides a Linux SANE frontend API to communicate with SANE backends.

Another major change to LEADTOOLS for Linux is a collection of new Java libraries. These Java libraries provide LEADTOOLS functionality to Linux with support for OCR, Documents library services, Document Writers, Document Converter, vector and document formats such as PDF and DOCX, and SANE scanning. Additionally, the libraries provide a common programming interface to develop applications for Windows and Linux.

With this major update, which is free to all LEADTOOLS customers with current a maintenance plan, developers can build robust, stable and secure enterprise document systems for Linux. For more information, contact sales@LEADTOOLS.com.

Posted in News | Tagged , , , , , , , | Leave a comment