How to configure Self-Signed SSL certificates with tsNet?
Posted: Wed Jan 20, 2021 7:13 pm
Hello all,
Recently I have been communicating with a server via http with a LC client in an anonymous mode. I can both read and write data using tsNet external. Now I'm trying to set up the security issues, switch to HTTPS instead and start Authentication.
First I'm testing the HTTPS connection without authentication. It seems to work but I'm having certificate issues. If I set then it works. So that means the https connection is working and the server is responding. When I turn it back to true (default) then I get this error: SEC_E_UNTRUSTED_ROOT (0x80090325) - The certificate chain was issued by an authority that is not trusted.
If I understand correctly, the server must trust the client and the client must trust the server. Therefore, I need to put the server's certificate in my LC client. And also put the LC client's certificate into the server's.
I placed the server's certificated into LC client with then I get the error: CERT_TRUST_IS_UNTRUSTED_ROOT. Which I suppose is the other part of placing my client certificate into the servers. Is this correct, if so, where is such certificate? And will it work when distributing the client, or does every client need a specific certificate which then I put into the servers?
And also when I'm making connections with databases middleware, also using tsNet but another URL then I get CERT_TRUST_IS_PARTIAL_CHAIN error. I need to do to make it work
Any help here? I do not understand much of SSL certificates. Thanks!
Recently I have been communicating with a server via http with a LC client in an anonymous mode. I can both read and write data using tsNet external. Now I'm trying to set up the security issues, switch to HTTPS instead and start Authentication.
First I'm testing the HTTPS connection without authentication. It seems to work but I'm having certificate issues. If I set
Code: Select all
tsNetVerifySSLPeer false
If I understand correctly, the server must trust the client and the client must trust the server. Therefore, I need to put the server's certificate in my LC client. And also put the LC client's certificate into the server's.
I placed the server's certificated into LC client with
Code: Select all
tsNetCABundle specialFolderPath("resources") & "/certificates/MyCertificate.der"
And also when I'm making connections with databases middleware, also using tsNet but another URL then I get CERT_TRUST_IS_PARTIAL_CHAIN error. I need to do
Code: Select all
tsNetCABundle empty
Any help here? I do not understand much of SSL certificates. Thanks!