#108 TLS: use the new TLSContext to allow verification of the server certificate

2.0.0.0: TLS
closed
hermsen
None
2020-12-27
2020-12-21
i-campbell
No

With the 1.0.2.0 MQTT SL library, it is now possible to verify the server certificate. This should be added, so that the certificate can be verified.

Discussion

  • hermsen

    hermsen - 2020-12-27

    ItfTLSContextProvider is being implemented in v1.3.3.0 in personal branch

     

  • hermsen

    hermsen - 2020-12-27
    • assigned_to: h-hermsen
     

  • hermsen

    hermsen - 2020-12-27
    • status: open --> accepted
     

  • hermsen

    hermsen - 2020-12-27

    FB_Edge_Of_Network_node
    will now have these extra arguments;

        ITLSContextProvider : REFERENCE TO MQTT.NBS.ITLSContext; //Encapsulates all the data neccecray to handle encrypted tcp connections
    //Static initialization, as shown in the following code snippet;
    //
    //VAR
    //    commonName : STRING := 'MyRasPi';
    //    ciCertInfo : NBS.CERT_INFO := (psInfo:=ADR(commonName), udiSize:=LEN(commonName));
    //    myTLSContext : NBS.TLSContext := (
    //        ePurpose:=NBS.PURPOSE.CLIENT_SIDE,
    //        sUseCaseName:='NBSTest',
    //        sTLSVersion:='1.3',
    //        ciCertInfo:=ciCertInfo,
    //        udiVerificationMode:=2
    //    );
    //END_VAR
    IASyncPropertyProvider : REFERENCE TO MQTT.NBS.IAsyncProperty; // Runs the connect process in a own background task. Use this property if the connection setup takes longer than one task cycle (e.g. TLS connections)
     

  • hermsen

    hermsen - 2020-12-27
    • labels: Improvement, Major -->
    • status: accepted --> closed
     

Log in to post a comment.