Salesforce Key management

Step for Generating a PKCS#12 Private Key and Public Certificate

Last week I was jumbled up with creating a secure certificate and PKCS key which i need to use into a connected app for Salesforce. While i was searching some some good resources I have found an awesome link: 

       Generate PKCS#12 Private Key and Public Certificate

These instructions assume you have downloaded and installed the Windows binary distribution of OpenSSL. Refer to Using OpenSSL for the general instructions

1. Generate an RSA private key:
>C:\Openssl\bin\openssl.exe genrsa -out <Key Filename> <Key Size>


Where:
• <Key Filename> is the desired filename for the private key file
• <Key Size> is the desired key length of either 1024, 2048, or 4096
For example, type:
>C:\Openssl\bin\openssl.exe genrsa -out my_key.key 2048


2. Generate a Certificate Signing Request:
In version 0.9.8g:
>C:\Openssl\bin\openssl.exe req -new -key <Key Filename> -out <Request Filename> -config C:\Openssl\bin\openssl.cnf


-OR-


In version 0.9.8h and later:
>C:\Openssl\bin\openssl.exe req -new -key <Key Filename> -out <Request Filename> -config C:\Openssl\bin\openssl.cfg


Where:
• <Key Filename> is the input filename of the previously generated private key
• <Request Filename> is the output filename of the certificate signing request
For example, type:
>C:\Openssl\bin\openssl.exe req -new -key my_key.key -out my_request.csr -config C:\Openssl\bin\openssl.cnf


3. Follow the on-screen prompts for the required certificate request information.
4. Generate a self-signed public certificate based on the request
>C:\Openssl\bin\openssl.exe x509 -req -days 3650 -in <Request Filename> -signkey <Key Filename> -out <Certificate Filename>


Where:
• <Request Filename> is the input filename of the certificate signing request
• <Key Filename> is the input filename of the previously generated private key
• <Certificate Filename> is the output filename of the public certificate
For example, type:
>C:\Openssl\bin\openssl.exe x509 -req -days 3650 -in my_request.csr -signkey my_key.key -out my_cert.crt


5. Generate a PKCS#12 file:
>C:\Openssl\bin\openssl.exe pkcs12 -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES -export -in <Public Certificate Filename> -inkey <Private Key Filename> -out <PKCS#12 Filename> -name "<Display Name>"


Where:
• <Public Certificate Filename> is the input filename of the public certificate, in PEM format
• <Private Key Filename> is the input filename of the private key
• <PKCS#12 Filename> is the output filename of the pkcs#12 format file
• <Display Name> is the desired name that will sometimes be displayed in user interfaces.
For example, type:
>C:\Openssl\bin\openssl.exe pkcs12 -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES -export -in my_cert.crt -inkey my_key.key -out my_pkcs12.pfx -name "my-name"

(Optional) Delete unneeded files. At this point, you only need the PKCS#12 format file, so you can delete the certificate signing request (.csr) file, the private key (.key) file, and the public certificate (.crt) file.

The resulting PKCS#12 format file may now be used within Secure FTP Server - FIPS.

Salesforce Live Agent

Now a day the competition has raised its bar and in each industry everyone believes in quick reception to his/her queries. Live agent is an awesome functionality provided by salesforce for managing chats with client contact on various standard object/Custom objects. It enables the external users to have a web chat with agents to know more about their product queries (or solution)

This feature is available at Developer and Performance editions organizations created after June 14, 2012 and for Enterprise and Unlimited Editions it’s available with an additional cost.

Steps to enable Live agent for an Org:

1. Navigate through Name>Setup>App Setup>Customize>Live Agent>Settings

2. Check the checkbox for “Enable Live agent”.

3. Enable Live Agent user check box in your user detail page. 
(Note: - Live Agent users require API Enabled administrative permission on profile. Agents also need at least the “Read” permission on Live Chat Visitors and Live Chat Transcripts to review visitor and transcript records.)

4. After enabling live agent for your org, several objects are automatically enabled and created in your org e.g.

a.       Live Chat Visitors – The Live Chat Visitor tab contains information about visitors that have participated in chat sessions. Below you can see sample live chat visitor record

b.      Live Chat Transcripts: - The Live Chat Transcripts tab contains the transcripts of completed chat sessions. Below you can see sample live chat transcript record

c.       Live Chat Transcript Events: - Contain all information that contains chat request; accept request or route details and Visitor Left. Below you can see sample live chat transcript event record

d.      Live Agent Sessions: - This Live Agent Sessions tab contains information about agent session, time spent online, time spent on chat etc. Below you can see sample live chat session  record

e.      Live Agent Supervisor:-This tab contains information about your department’s chat buttons and chat agents, all in one place. It will look like below screen shot

f.        Live Agent :- This tab contains information about Chat transcript and from here you can launch live agent console

g.       Quick Text: - Quick Text lets users create standard messages, such as greetings and answers to common questions, which support agents can easily insert into communications with customers. Quick Text is automatically enabled for organizations that have enabled Live Agent. If you want to create quick text click on Quick text (Tab) | New and fill the details as per your choice, you can take help from below screen shot

Setup Skills for the Live Agent

1. Go to Name>Setup>App Setup>Customize>Live Agent>Skills.

2. Create new Skill by clicking “New” Button.(as shown below)

3. After setting Skills, Go to Name>Setup>App Setup>Customize>Live Agent>Chat Buttons and create one by clicking “New” (as shown below).

4. Select type, Name, Skills (Mandatory fields). Also you can set various other attributes like Custom agent name, Auto greeting message, Language, online image, offline image etc.

5.  After setting up button, the detail page would provide a code snippet for chat button copy the code and paste it in a text file.

6. Then Go to Name>Setup>App Setup>Customize>Live Agent>Deployment. Create a Deployment record by inserting required fields (or you can customize it according to the company branding). After creating deployment record it would also result in a short code snippet. Copy this code snippet and paste it in same file(as previous) and save it as filename.Html

Test the Live agent:  You have to embed this live agent configuration into an application

1. Create a Service Cloud Console Application from Create --> Apps and click "New" button.

2.  While creating a service cloud Application enable the checkbox for “Include Live agent in this App” and choose the records or pages to open as sub tabs

After Creating App in Salesforce, Select the App and Open the .html file which contains the code snippet generated during the process. On click of online image on html page, A Request to Agent would be sent to accept the Chat Conversation. After the agent accept the chat, they can start chatting and the agent can save or create appropriate object record related to this chat conversation.(as shown below)

Salesforce Analytic Snapshot

Sometimes Business Analysts have a requirement to have a better GUI for reporting on particular set of data which must refresh by itself. So this use case can be solved by Salesforce awesome feature known as “Analytic Snapshot”. An analytic snapshot lets you report on historical data. The user have to create a custom object and then authorized users configures tabular or summary report results to fields on the custom object, then map those fields to corresponding fields on a target object. They can then schedule when to run the report to load the custom object's fields with the report's data. Analytic snapshots enable you to work with report data similarly to how you work with other records in Salesforce.

     
     Steps to setup Analytic snapshot:

1. Create a report into salesforce (and you can use various reporting features like grouping, custom summary formulas etc.) using appropriate filters.
2.      Create a new custom object which is mainly used to capture to capture data/information from report at scheduled time intervals. You need to create the schema for the custom object like fields to be added on this object to capture various information from report ;e.g. the number of records appearing on report, Date on which the snapshot was taken etc.
   
3. Then you need to create analytic snapshot, go to Setup > Admin Setup > Data Management > Analytic Snapshots. Select the Source report and the target custom object. Finally map the fields from the source report.
   
   
   
4. Furthermore, you need to schedule the analytic snapshot job to schedule at desired frequencies.

To analyse the historical data stored in the custom object, you‘ll need to create another report (make sure to group them by snapshot date so that the analysts can have a graphical view for the same). Finally you can schedule the report or display them on the record detail page layout.

Salesforce Deployment Methods

Salesforce Deployment Methods

There are three ways of deployment to Salesforce:

1)      Deployment Changeset, Disadvantage-> can only be deployed to sandbox or connected org.

2)      Force.com Eclipse IDE

3)      Force.com Java based ANT Scripts

In this blog post we are going to learn about retrieving salesforce components through ANT. To use ANT one should have:

1)      Java installed in local machine

2)      Apache ANT installed into local machine

3)      Ant-Salesofrce.jar file from Salesforce (which is to be copied into Home_Folder>ant>lib).

ANT Setup

1.   Download ANT from http://ant.apache.org/bindownload.cgi
2.   Extract the folder and paste it into Home_Folder.
3.   Also Download the ant-salesforce.jar from salesforce org. To download follow the steps Setup>Develop>Tools. Click Force.com Migration Tool and paste the .jar file into Home_Folder>ant>lib.
4.  Setup the Environment variable from My Computer>Rightclick-Properties>Advanced Syatem setting>Click Environment variable. Add new System variable, Enter name as ‘ANT_HOME’ and location as drive location of bin folder for ant. Also check whether Java classpath is set in system variable.
5.  Optional, we can check whether ant and java is installed by using commands ‘ant –version’ and ‘java –version’.

1. Building ANT package.xml, Build.xml and Build.properties

Build.properties file(please change the username and password in below file)

 1. # build.properties  
 2. #  
 3.    
 4. # Specify the login credentials for the desired Salesforce organization  
 5. sf.username = DemoUsername  
 6. sf.password = Password  
 7. #sf.pkgName = <Insert comma separated package names to be retrieved>  
 8. #sf.zipFile = <Insert path of the zipfile to be retrieved>  
 9. #sf.metadataType = <Insert metadata type name for which listMetadata or bulkRetrieve operations are to be performed>  
 10.   
 11. # Use 'https://login.salesforce.com' for production or developer edition (the default if not specified).  
 12. # Use 'https://test.salesforce.com for sandbox.  
 13. sf.serverurl = https://login.salesforce.com  
 14.   
 15. sf.maxPoll = 20  
 16. # If your network requires an HTTP proxy, see http://ant.apache.org/manual/proxy.html for configuration.  
 17. #  

Build.xml

 <project xmlns:sf="antlib:com.salesforce" basedir="." default="test" name="org to org">  
 2.   <property file="build.properties" />  
 3.   <property environment="env" />  
 4.      
 5.   <target name="retrieve_dev" depends="">  
 6.     <echo message="retrieving metadata to ${metadata.root}" />  
 7.         <mkdir dir="retrieveOutput"/>  
 8.     <sf:retrieve retrieveTarget="retrieveOutput" singlePackage="true" serverurl="${sf.serverurl}" password="${sf.password}"username="${sf.username}" unpackaged="MyPkg/package.xml"/>  
 9.   </target>  
 10. </project>  

Package.xml

 <?xml version="1.0" encoding="UTF-8"?>  
 2. <Package xmlns="http://soap.sforce.com/2006/04/metadata">  
 3.   <types>  
 4.     <members>*</members>  
 5.     <name>ApexClass</name>  
 6.   </types>  
 7.     
 8.     
 9.   <version>29.0</version>  
 10. </Package>  

Deployment Commands

Type ‘ant TARGET_NAME’ where TARGET_NAME=name attribute of target tag in Build.xml(in this case retrieve_dev. The Build process will start after creating a folder named ‘retrieveOutput’ under which the required salesforce components will be saved in file system(Please ensure that the current folder location in which ’ retrieveOutput’ is created, must have sufficient admin rights for creating and editing file contents .

Deployment through Eclipse:

ANT is by dedault the part of Eclipse IDE just we need to add the ant-salesforce.jar from salesforce org. Follow the below steps:

1.  Open Eclipse, then go to Windows>Preferences.
2.  Select ANT>Runtime and choose Ant Home Entries(Default)
3. 
   
4. 
5.  Click Add JAR and choose the ant-salesforce.jar, then click apply.
6. Save the setting by clicking Ok.
7. Now Create a new project in Eclipse and import the build.properties and build.xml
8.  Right click build.xml in your project>Run as>Build ant.
9.  Select the configuration target from list which performs the desired action
10. 
11.    Optionally we can setup the arguments for build.properties separately(by clicking Main tab in above fig) for e.g : -Dsf.srcdir="DIR _SRC_ PATH "
12.  Finally click Run and observe the Eclipse console for logs.
13. After the complete process we’ll get the message as Build Succeeded (or Build Failed).

Heroku App

 Deploy WAR project on Heroku

Pre Requisites :

1.  A War File created for your project (Follow steps in Eclipse :=>  File -> Export -> Web -> WAR file)
2. Heroku Account.

There are several ways to deploy app on Heroku but common methods have been discussed in this blog:

1.  Deploy your code to Git and then push the code to Heroku (by using command> git push Heroku master).Upload everything onto a git repository so that you can easily push to Heroku repository. Use below directory structure:
• pom.xml
• Procfile
• src/main/java/root - Demo.java
• src/main/resources - mywebapp.jar
2. Deply the code directly from Heroku toolbelt(i.e. by using Command prompt) to Heroku Web Application container

Install Heroku-deploy CLI Plugin using command > heroku plugins:install https://github.com/heroku/heroku-deploy

a.       Create a Heroku application using command> ‘heroku create’
b.      To deply the project war use command> ‘heroku deploy:war –war <absolute path to war file> --app <app_name>’
c.       Use ‘heroku open’ to open app in browser’


3. Deploy the Heroku app directly from Ecplise project. Firstly you need to setup the Heroku plugin into Eclipse.

Steps for configuration of Heroku into Eclipse

a.       After opening Eclipse, Go to Help> Install new Software.

b.      Add a plugin by providing it a name as ‘Heroku’ and location as ‘https://eclipse-plugin.herokuapp.com/install’.

c.       Add this site and tick the checkbox ‘Heroku Eclipse Integration’.

d.      Click next and accept the license and finish installation after clicking ‘finish’.

API Key Setup for Heroku

a.       Open Eclipse>Preferences.

b.      Choose Heroku and enter Heroku username in Email field, Password in Password field (After succesfull login API key in API key will be populated).

c.       Click Login.

d.      You might need to generate a SSH key from same location and add it to Heroku.

To Deploy through Eclipse

a.       Right click your project, go to Team>Commit. Enter a proper commit message and add the files to the commit

b.      Right click the Project>Team>Push to Upstream. Heroku will perform the build based on type of app and deploy the app on Heroku on successful build.