Home Duet/Cafe Duet

HTTPS access ?

vincenvincen Junior MemberPosts: 526
Hi,

As I never used Duet before, I would need advice from someone who did. Is it possible to use Duet in NetLinx controllers to do an authentification on a website that is in HTTPS ?

I can do all other communications with that website in http, so able to do it in conventional netlinx code, but not https ! So is it possible to do that with Java in masters ?

Thanks a lot in advance

Vinc

Comments

  • joelwjoelw Junior Member Posts: 175
    The only trace of SSL is in the com.mocana.core package. It's a Java wrapper to native functions. I don't see any documentation, but it looks pretty straight forward.

    core.jar -> com.mocana.core

    There are also plenty of open source Java SSL solutions that would run on J2ME.
  • joelwjoelw Junior Member Posts: 175
    joelw wrote:
    The only trace of SSL is in the com.mocana.core package. It's a Java wrapper to native functions. I don't see any documentation, but it looks pretty straight forward.

    core.jar -> com.mocana.core

    There are also plenty of open source Java SSL solutions that would run on J2ME.

    From a test I just made with mocana I get the following error:

    com.mocana.core.MocanaException: connect() not applicable to Mocana SSL server-side sockets

    I have an RFI into engineering on this. But if Mocana only applies to server-side sockets, then this would not be great news.
  • vincenvincen Junior Member Posts: 526
    joelw wrote:
    From a test I just made with mocana I get the following error:
    com.mocana.core.MocanaException: connect() not applicable to Mocana SSL server-side sockets
    I have an RFI into engineering on this. But if Mocana only applies to server-side sockets, then this would not be great news.

    Thanks Joel for details, so it confirms it's impossible to connect as a client to a https server from NetLinx master as of now :(

    Vinc
  • joelwjoelw Junior Member Posts: 175
    I'm still waiting on the Engineering RFI. So there may be something I'm missing.

    It's quite possible to implement your own SSL layer. Something I will look into depending on the response from the Engineering team.
  • vincenvincen Junior Member Posts: 526
    joelw wrote:
    I'm still waiting on the Engineering RFI. So there may be something I'm missing.

    oky, please keep us updated when you get news back from Engineering ;)
    joelw wrote:
    It's quite possible to implement your own SSL layer. Something I will look into depending on the response from the Engineering team.

    Well I would be happy to help you with that but it'll be a big job to do as it's pretty complex the cypher protocol used in SSL and I'm not sure master is able to manage that through netlinx programmation :/

    Vinc
  • joelwjoelw Junior Member Posts: 175
    Update

    I just got the response:

    As of right now, there is no method for Java code to initiate a secure
    socket connection (SSL/HTTPS) to an outside location.


    There apparently has been some work done on this, but no clear date for a potential release. In other words it's low on the priority list.


    Vonage integration will just have to wait...
  • Chip MoodyChip Moody Junior Member Posts: 727
    Along with MS Messenger integration...

    Good thing - I haven't gotten through those "Java for idiots" books yet.

    - Chip
  • vincenvincen Junior Member Posts: 526
    joelw wrote:
    I just got the response:
    As of right now, there is no method for Java code to initiate a secure
    socket connection (SSL/HTTPS) to an outside location.

    There apparently has been some work done on this, but no clear date for a potential release. In other words it's low on the priority list.

    Thanks for the update, so only way for now to access SSL web site is to pass through a proxy :(

    Vinc
  • joelwjoelw Junior Member Posts: 175
    vincen wrote:
    Thanks for the update, so only way for now to access SSL web site is to pass through a proxy :(

    I suspect the com.mocana.core.Ssl class in core.jar is a crude wrapper to their C API.

    My educated understanding is they didn't port their Mocana SSL stack to the Java CDC Foundation profile. They got a crude variation for their web server, and that was it. What they need to do is finish porting SSL to their Java implementation. It sure seems this would have been a priority from the start.

    Perhaps it was for performance reasons. I have no plans to implement my own webserver in Java, so Java SSL performance is not a paramount concern.

    Perhaps someone from marketing would like to comment on this?
Sign In or Register to comment.