Home AMX User Forum NetLinx Studio

TLS programming

Does anyone ever faced such: "TLS/SSL_read syscall failure. Error: 5/0/(null)"? As the whole IP-communication was awfully documented (and there's almost nothing about TLS/SSH), could anyone tell me what that Erroar: 5/0/(null) is about? Using TLS to open secure web socket over https to control Bosch Dicentis. Really stuck with no clues and no support (even proper documentation) from AMX (which is really frustrating).

Comments

  • Are you trying to make an SSH connection to the device? Or are you trying to make an HTTPS request? Programming for either one is going to be different. Can you post the specific code that is returning the error?

  • Which mode are you using - TLS_IGNORE_CERTIFICATE_ERRORS or TLS_VALIDATE_CERTIFICATE ?

    If it is TLS_VALIDATE_CERTIFICATE then the certificate from the device needs to be loaded onto the master.

  • brooklyn79brooklyn79 Posts: 32
    edited December 2019

    @HARMAN_icraigie said:
    Which mode are you using - TLS_IGNORE_CERTIFICATE_ERRORS or TLS_VALIDATE_CERTIFICATE ?

    If it is TLS_VALIDATE_CERTIFICATE then the certificate from the device needs to be loaded onto the master.

    I'm using TLS_IGNORE_CERTIFICATE_ERRORS. Actually, tried both, certificate was loaded on the master, same story with "TLS/SSL_read syscall failure. Error: 5/0/(null)". I'm able to read manuals, but once again - there's not too much about secured connections. And I've done lots of project with IP programming in the past (I'm quite familiar with HTTP). 18 years of extensive experience with AMX, not a rookie.

    As for the programming part: it's just a TLS socket to a server, TLS connection establishes, online event fires, but any attempt to send any string (device expects HTTP handshake followed by a request to upgrade to web-socket, been properly formatted and sent) ends with that error. Works from console and browser (JavaScript), same from controller always ends with an error.

  • Are you using the avt amx-util-library posted up on github for the websocket and http? Check and make sure the wss url scheme option has been uncommented in the websocket.axi webSocketOpen() function definition.

    I have working example code written for the above library referencing this test site 'wss://demos.kaazing.com/echo-auth' that uses the tls_client_open() for secure websocket communications that I can pass along.

  • For what it is worth, I use TLS to make secure connections to a cloud server to obtain propane usage data and also to a weather service to obtain current weather and forecast data. I too get the TLS/SSL_read syscall failure error every time I connect to the servers and obtain data. It does not however seem to have any negative effect since I am able to open the connection, obtain all of the desired data, and then close the connection. Below is a log file sample that illustrates the error when obtaining data from a TLS connection to the weather server. Similar log entries exist for the propane usage cloud server as well. Log entries with 'RSS Weather Module: ' are from my module -- remaining log entries are generated by Netlinx internally.

    Line     99 2019-01-28 (15:12:34)::  RSS Weather Module: TIMELINE event (DarkSky) - opening connection to obtain weather current conditions
    Line    100 2019-01-28 (15:12:34)::  CA Path is factory path /usr/local/ssl/certs/
    Line    101 2019-01-28 (15:12:35)::  Certificate validation disabled
    Line    102 2019-01-28 (15:12:35)::  CIpEvent::OnLine 0:29:100
    Line    103 2019-01-28 (15:12:35)::  RSS Weather Module: initiated processing of DarkSky weather current conditions
    Line    104 2019-01-28 (15:12:36)::  RSS Weather Module: completed processing of DarkSky weather current conditions
    Line    105 2019-01-28 (15:12:36)::  Closing SSL connection as requested by NetLinx for idx 5, fd=165 api.darksky.net
    Line    106 2019-01-28 (15:12:36)::  TLS/SSL_read syscall failure. Error: 5/0/(null)
    Line    107 2019-01-28 (15:12:36)::  SSL Shutdown end of read
    Line    108 2019-01-28 (15:12:36)::  CIpEvent::OffLine 0:29:100
    

    It seems to be an internal Netlinx error that only occurs with TLS connections and data retrieval but as I said above, at least in my case, it does not have any negative impact on the modules and seems to work fine. In both cases, HTTP get requests are sent to the servers to authenticate and request data and JSON data is returned and parsed accordingly.

  • I have exactly the same error message in a program that uses TLS functions. But I also note that this has no impact on the smooth running of the program.

  • @HARMAN_icraigie said:
    Are you using the avt amx-util-library posted up on github for the websocket and http? Check and make sure the wss url scheme option has been uncommented in the websocket.axi webSocketOpen() function definition.

    I have working example code written for the above library referencing this test site 'wss://demos.kaazing.com/echo-auth' that uses the tls_client_open() for secure websocket communications that I can pass along.

    Hi Ian,

    Please be so kind as to send me the sample code you refer to.

    Thank you.

    Willie

  • The kaazing.com echo test site with the authentication option is no longer online - but it did work when it was.

Sign In or Register to comment.