Knowledgebase : 7) Server Queries
   

Self Hosted FrogLearn requires a valid SSL certificate to be installed on the server for you to be able to access the FrogOS software. For security reasons, FrogOS runs purely over SSL.

Supported Certificates
The following types of SSL Certificate are supported and can be used on a FrogServer.

Single Name

Single Name certificates are the most common certificate and only covers only a single domain name (most providers include www. in the certificate) eg. vle.myschool.com and www.vle.myschool.com

SAN (Subject Alternative Name)
SAN or Multi-Domain certificates cover multiple different domain names and can be used across multiple servers eg. vle.myschool.com, mail.myschool.com, myschoolothername.com, anotherschool.net, myschool.sch.uk.

Wildcard
Wildcard certificates cover all sub-domains of a single domain and can be used across multiple servers eg *.myschool.com (this would cover anything before the .myschool.com, so vle.myschool.com, mail.myschool.com, portal.myschool.com etc).

EV (Extended Validation)
EV certificates can be any of the above type, but these certificates set green bar in most browsers showing the owner of the certificate for extra validation.


We do not currently support the use of Free SSL Providers such as Lets Encrypt. We will be looking into adding support for Lets Encrypt in the future.


CSR Generation
Your chosen SSL provider will generally provide instructions on how to generate a CSR (Certificate Signing Request) for you to be able to purchase a SSL Certificate.

Frog do not provide CSR files. If you are struggling to generate a CSR, please contact your SSL provider or see the below links which may assist you.

DigiCert provide a Windows Utility to create a CSR, Private Key and store the SSL certificate once purchased:

https://www.digicert.com/util

If you wish to generate a CSR yourself, you can try the following guides depending on the system you are using:

https://www.digicert.com/csr-creation.htm

Again, your chosen SSL provider will have full instructions on how to generate a CSR for your SSL certificate.


Certificate Formats
Once you have purchased your SSL certificate, you may be given an option on what format or certificate type you want to be provided with or download. If you are given this option, the Certificate formats we require are:

Apache
Apache Mod-SSL


Installation Requirements
For us to be able to install an SSL certificate on a server we require the following 3 files:

  • Private Key File
  • Certificate File
  • CA/Intermediate Certificate File

The Private Key file is generated when the CSR is created, so this will have been given by the CSR generation tool used online or on the server that was used to generate the CSR.

The Certificate File and CA/Intermediate Certificate File will be provided by your chosen SSL provider once the certificate has been purchased.

Once you have all the correct files for the SSL Certificate, please send them over to the Frog Service Desk for installation via a new ticket or email.

If you are wanting to provide an existing certificate you own, such as a Wildcard Certificate, you can provide us with a PFX export of the certificate from an existing server that contains the above 3 files.

Self Hosted FrogLearn includes a built in backup mechanism that allows you to take a full DR backup of Frog.

The Frog Backup System works as a pushed data synchronisation of user data to a network share. This takes place daily once enabled.

The backups can only be restored by Frog. There is no user way to extract or restore files from the backup and the backups are for Disaster Recovery purposes only.



When the Frog backup is run for the first time it will create the following files and folders:

Files:

  • frog.tgz.gpg
  • backup_log

Folders:

  • sites


frog.tgz.gpg
This is an encrypted archive file that contains a backup of the Frog database and configuration files.

sites
This folder is a direct synchronisation of the user data folder from the server. This folder contains all user data and files that are contained with in Frog.


backup_log
This is a basic log file showing the output from the backup script.

For each subsequent run of the backup both the frog.tgz.gpg and backup_log file are refreshed with a new copy from the server and the sites folder is synchronised from server.

The sites folder synchronisation will replicate any changes made to the user data since the previous backup run. This works for both new data and files that have been uploaded to Frog and old data and files that have been removed from Frog.

Data deleted from Frog will also be removed from the backup share on the next run of the Frog Backup.

IMPORTANT: The Frog Backup system offers NO incrementation of data. Backup incrementation must be done as part of the your normal backup archiving and incrementing process or the data will be overwritten.



Frog Backup Configuration

The Frog Backup System is configured in System Preferences within FrogOS under Maintenance > Backup:




To configure the backup system you will need to enable the backup by toggling the switch to ON and providing the following information:

UNC Path
This is the path to the network share that you wish the FrogServer to push the backup files to. This should be in FQDN format eg. //backupserver.myschool.local/frogbackup

Due to an Operating System limitation, the network share must have SMB1 enabled to allow the FrogServer to connect.

Username
This is the username of a network account that has full control and access to the above network share.

Password
This is the password for the above account.

Email
This is the email address where Frog will send the backup report once the backup has completed or encountered any errors.

The backup runs 1 hour after the schedule time set in the Schedule menu of System Preferences > Maintenance and will run daily.


Frog Backup Email Report

Each time the backup runs you will receive an email of either the backup report, or a pre-flight error email showing why the backup could not run.

Email Report

If the backup has run and completed successfully, you will receive an email similar to this:


If the backup has run and completed successfully but with some errors, you will receive an email similar to this:

If you do receive a report with errors, please forward this on to our Support Team so the errors can be investigated.

Pre-Flight Error

The backup will carry out some basic checks before it runs, these are call Pre-Flight checks. If these fail, the server will send an email reporting the Pre-Flight error.

The most common are as follows:


This generally means that the UNC network share path does not exist or is incorrect.


This generally means that the username or password set is not correct or has no permission over the network share.