Options
HTTPS access ?
vincen
Posts: 526
Hi,
As I never used Duet before, I would need advice from someone who did. Is it possible to use Duet in NetLinx controllers to do an authentification on a website that is in HTTPS ?
I can do all other communications with that website in http, so able to do it in conventional netlinx code, but not https ! So is it possible to do that with Java in masters ?
Thanks a lot in advance
Vinc
As I never used Duet before, I would need advice from someone who did. Is it possible to use Duet in NetLinx controllers to do an authentification on a website that is in HTTPS ?
I can do all other communications with that website in http, so able to do it in conventional netlinx code, but not https ! So is it possible to do that with Java in masters ?
Thanks a lot in advance
Vinc
0
Comments
core.jar -> com.mocana.core
There are also plenty of open source Java SSL solutions that would run on J2ME.
From a test I just made with mocana I get the following error:
com.mocana.core.MocanaException: connect() not applicable to Mocana SSL server-side sockets
I have an RFI into engineering on this. But if Mocana only applies to server-side sockets, then this would not be great news.
Thanks Joel for details, so it confirms it's impossible to connect as a client to a https server from NetLinx master as of now
Vinc
It's quite possible to implement your own SSL layer. Something I will look into depending on the response from the Engineering team.
oky, please keep us updated when you get news back from Engineering
Well I would be happy to help you with that but it'll be a big job to do as it's pretty complex the cypher protocol used in SSL and I'm not sure master is able to manage that through netlinx programmation
Vinc
I just got the response:
As of right now, there is no method for Java code to initiate a secure
socket connection (SSL/HTTPS) to an outside location.
There apparently has been some work done on this, but no clear date for a potential release. In other words it's low on the priority list.
Vonage integration will just have to wait...
Good thing - I haven't gotten through those "Java for idiots" books yet.
- Chip
Thanks for the update, so only way for now to access SSL web site is to pass through a proxy
Vinc
I suspect the com.mocana.core.Ssl class in core.jar is a crude wrapper to their C API.
My educated understanding is they didn't port their Mocana SSL stack to the Java CDC Foundation profile. They got a crude variation for their web server, and that was it. What they need to do is finish porting SSL to their Java implementation. It sure seems this would have been a priority from the start.
Perhaps it was for performance reasons. I have no plans to implement my own webserver in Java, so Java SSL performance is not a paramount concern.
Perhaps someone from marketing would like to comment on this?