#108 TLS: use the new TLSContext to allow verification of the server certificate

2.0.0.0: TLS
closed
hermsen
None
2020-12-27
2020-12-21
i-campbell
No

With the 1.0.2.0 MQTT SL library, it is now possible to verify the server certificate. This should be added, so that the certificate can be verified.

Discussion

  • hermsen

    hermsen - 2020-12-27

    ItfTLSContextProvider is being implemented in v1.3.3.0 in personal branch

     
  • hermsen

    hermsen - 2020-12-27
    • assigned_to: h-hermsen
     
  • hermsen

    hermsen - 2020-12-27
    • status: open --> accepted
     
  • hermsen

    hermsen - 2020-12-27

    FB_Edge_Of_Network_node
    will now have these extra arguments;

        ITLSContextProvider : REFERENCE TO MQTT.NBS.ITLSContext; //Encapsulates all the data neccecray to handle encrypted tcp connections
        //Static initialization, as shown in the following code snippet;
        //
        //VAR
        //    commonName : STRING := 'MyRasPi';
        //    ciCertInfo : NBS.CERT_INFO := (psInfo:=ADR(commonName), udiSize:=LEN(commonName));
        //    myTLSContext : NBS.TLSContext := (
        //        ePurpose:=NBS.PURPOSE.CLIENT_SIDE,
        //        sUseCaseName:='NBSTest',
        //        sTLSVersion:='1.3',
        //        ciCertInfo:=ciCertInfo,
        //        udiVerificationMode:=2
        //    );
        //END_VAR
        IASyncPropertyProvider : REFERENCE TO MQTT.NBS.IAsyncProperty; // Runs the connect process in a own background task. Use this property if the connection setup takes longer than one task cycle (e.g. TLS connections) 
    
     
  • hermsen

    hermsen - 2020-12-27
    • labels: Improvement, Major -->
    • status: accepted --> closed
     

Log in to post a comment.