HTTPS: How to ignore certificate warnings? | Thales IoT Developer Community
February 14, 2017 - 5:26pm, 6682 views
Hello!
I have to access a HTTPS site with Java+EHS5T via it's IP, not the host name. During transmission a "java.io.IOException: Subject alternative name did not match site name" exception occurs.
Questions:
1) Is there a way to ignore certificate warnings, and transmit data anyway?
2) Is there something like a "hosts" file on the EHS5T, where one can override DNS resolution? Maybe by writing some special settings in the .jad file?
Hello,
Please check the firmware version with ATI1 command.
Do you have the server certificates loaded to the module and want ot authenticate the server or just want to make a connection without any vaerification of the server certificate?
As far as I know it is not possible to ignore this as the exception is thrown during the conneciton establishment and the connection fails.
There is also no other way to configure the domain name.
Regards,
Bartłomiej
Hello!
Firmware version =
I just want to make a connection without any verification.
As far as I know it is not possible to ignore this as the exception is thrown during the conneciton establishment and the connection fails.
There is also no other way to configure the domain name.
I see. Then I make a proposal for an enhancement:
1) A flag in the Connector.open() connection String to indicate that certificate warnings should be ignored
2) A way to override DNS resolution, be it programmatically and/or by settings in the .jad file
Hello,
We have just released the new official firmware A-REVISION 00.000.50. I have tried to connect over https (without server certificate verification) using an IP address instead of the domain name and there was no exception.
Regards,
Bartłomiej
Thank you for that information.
Hello!
I've updated some EHS5T to A-REVISION 00.000.50.
Now they reboot, when I attach USB cable to it. That should not happen.
After update, also some settings are lost:
at^scfg="Gpio/****/ASC1 = gpio (should be std)
at^scfg="Gpio/****/SYNC" = gpio (sould be std)
at^spow = 0,0,0 (should be 1,0,0)
at^scfg="Serial/Interface/Allocation" = 0 (sould be 1)
Hello,
That should definitely not happen. I have updated my EHS6 and EHS5 and didn't observe any reboot.
Is it happening each time and with all updated devices?
As for the SCFG settings some defaults may have changed or you have changed the settings and they were reset to defaults during the update.
Regards,
Bartłomiej
Next issue:
2 out of 5 EHS5T could not be updated.
Updater hangs in loop:
[2017-02-23 15:04:35]
[2017-02-23 15:04:36]OpenAttachedFile: 13 fail
[2017-02-23 15:04:36]Disabling userware autostart...
[2017-02-23 15:04:44]Initializing firmware update...
[2017-02-23 15:04:46]Waiting for re-enumerated USB port...
[2017-02-23 15:05:04]Erasing flash memory (this can take a couple of minutes without visible progress)...
[2017-02-23 15:07:30]Transferring firmware in progress...
[2017-02-23 15:10:09]Updating flash file system (this can take a couple of minutes without visible progress)...
[2017-02-23 15:10:36]Restoring module state...
[2017-02-23 15:10:36]Firmware update succeeded
[2017-02-23 15:10:37]Erasing old data...
[2017-02-23 15:10:39]Checking module Character Set ('GSM' or 'UCS2') ...
[2017-02-23 15:10:51]Restoring module state...
[2017-02-23 15:10:51]Parsing configuration file...
[2017-02-23 15:10:51]Warning: Cannot find property "MIDlet-4" anymore
[2017-02-23 15:10:51]Warning: Cannot find property "File-5" anymore
[2017-02-23 15:10:51]Opening \\.\COM13 in 115200 baudrate
[2017-02-23 15:11:03]Initializing MIDlet[JRC-1.56.52.jad] update...
[2017-02-23 15:11:03]Removing existing JRC-MIDlet...
[2017-02-23 15:11:05]Transferring MIDlet[JRC-1.56.52.jad] in progress...
[2017-02-23 15:11:21]Error: Failed to finish MIDlet update!
[2017-02-23 15:11:21]ERROR: MIDlet[JRC-1.56.52.jad] transfer fail
[2017-02-23 15:11:21]Deleting temporary MIDlet[JRC-1.56.52.jad] file
[2017-02-23 15:12:06]Deleting temporary MIDlet[JRC-1.56.52.jar] file
[2017-02-23 15:12:51]ERROR: update MIDlet[1] fail
[2017-02-23 15:12:51]Initializing MIDlet[JRC-1.56.52.jad] update...
[2017-02-23 15:12:51]Removing existing JRC-MIDlet...
[2017-02-23 15:13:37]ERROR: Failed to query installed MIDlets!
[2017-02-23 15:13:37]ERROR: Installing MIDlet[JRC-1.56.52.jad] fail, check that there is no signature conflict!
then again "Deleting temporary Midlet...", until I manually stopped
-------- EDIT-------------
Problem is this: AT^SCFG="Userware/Stdout","FILE","60000","A:/log.txt","buffered"
When set to AT^SCFG="Userware/Stdout","null",,,,"off", update works.
Please try this on a EHS5T with SIM:
Set this option: AT^SCFG="Userware/Stdout","FILE","60000","A:/log.txt","buffered"
Power off the device.
Unplug USB
Power on the device. Wait for network registration (orange slow interval flash)
Plug USB - REBOOT
Hello,
I think that these two problems are probably connected with each other. Unfortunately I was able to reproduce both.
This is quite a specific case but still it should not be like that. I will report it for further analysis.
How critical is is for you?
Regards,
Bartłomiej
Hello!
This issue makes firmware flashing and field maintenance more complicated than it has to be.
For maintenance, I have to disconnect RS485 slaves and use RS232 interface cable instead of USB cable.
BR Helmut
Pages