Main Site Documentation

SSL on Fez Spider


#1

Hi GHI community,

Is the verification of server certificates supported on the Fez Spider? It seems that the authentication with SslStream.AuthenticateAsClient always succeeds, even when the certificate authority does not match the target host.

Thanks
Pierre


#2

Welcome to the forum!

Be aware that that method has a bug in it:

Edit: Make sure to update the SSL seed using MFDeploy on the device as well.


#3

Ok, SSL seed updated. What is strange is that I don’t see any SSL messages when I monitor the ethernet traffic with wireshark, do I have to explicitly enable SSL somewhere?


#4

@ pierre_csa - I assume you know how to use wireshark, but double check that you are not filtering it out by any chance.

Please show us your code as well.


#5

OK now I understand why it was not working at all. I was using the Ethernet J11D module with a plain netmf application, but without initializing it with the functions of GHI.Premium.Net.

Now it works fine, thanks for your help! (and thanks also to Bryn on blog.devmobile.co.nz for sharing his test application)


#6

Glad it worked for you and welcome to the community.