SSL on Fez Spider

pierre_csa · 2013-10-25 09:50:27 UTC

Hi GHI community,

Is the verification of server certificates supported on the Fez Spider? It seems that the authentication with SslStream.AuthenticateAsClient always succeeds, even when the certificate authority does not match the target host.

Thanks
Pierre

Architect · 2013-10-25 09:56:03 UTC

Welcome to the forum!

Be aware that that method has a bug in it:

Edit: Make sure to update the SSL seed using MFDeploy on the device as well.

pierre_csa · 2013-10-28 09:21:33 UTC

Ok, SSL seed updated. What is strange is that I don’t see any SSL messages when I monitor the ethernet traffic with wireshark, do I have to explicitly enable SSL somewhere?

Architect · 2013-10-28 09:27:03 UTC

@ pierre_csa - I assume you know how to use wireshark, but double check that you are not filtering it out by any chance.

Please show us your code as well.

pierre_csa · 2013-10-30 08:13:18 UTC

OK now I understand why it was not working at all. I was using the Ethernet J11D module with a plain netmf application, but without initializing it with the functions of GHI.Premium.Net.

Now it works fine, thanks for your help! (and thanks also to Bryn on blog.devmobile.co.nz for sharing his test application)

Gus_Issa · 2013-10-30 08:34:49 UTC

Glad it worked for you and welcome to the community.