- #Openssl test tls 1.2 with cert update
- #Openssl test tls 1.2 with cert code
- #Openssl test tls 1.2 with cert download
I *think*, but am not certain, that the OpenHandle call *may* add its own auth header, and I'm unsure if calling ListHeaders.vi returns just your added ones, or all headers, so perhaps try that and see. Also, my call to ConfigSSL.vi happened immediately after the OpenHandle, and then I called AddHeader.vi for some custom stuff (Content-Type, Connection:Keep-Alive.nothing auth-related).
#Openssl test tls 1.2 with cert code
Your code looks similar to mine, mostly I had to implement basic auth so I had a plaintext username/password supplied to my OpenHandle.vi call. It definitely worked for me, I was connecting to SAP ME PAPI services, and like you, what started out as plain HTTP in development got switched to secure HTTP rather abruptly. I've needed to support connections to HTTPS in the past, and just went looking at old initialization code I wrote (about seven years back, how time flies). The Authorization header is an authorization Token that is provided by the InfluxDB platform that allows me to push data to it via HTTP. See below for how I am initializing the HTTP handle.
#Openssl test tls 1.2 with cert update
I also learned through other forums that TLS has been in incorporated into the native LabVIEW TCP functions, but I was hoping to not have to (1) update LabVIEW, and (2) write my own HTTP functions from the TCP protocols when the HTTP Client VIs get me 95% there. So I thought I would ask if it's the HTTP Client VIs that don't support it and that should buckle down to learn the. And I shouldn't need any client certificate or private key since the server is not authenticating the client. I believe I have the proper CA certificate (a ".cer" file) for it (though this is something I'm having a hard time verifying). However the InfluxDB server requires TLS 1.2 encryption or higher and I'm presently getting a "HTTP/1.1 400 Bad Request" response when I try to POST data to it. Recently we relocated the database to a remote server (instead of local to the machine) so now I need to use HTTPS (which I understand is fine for the HTTP Client VIs). This was working all very well and good when the database was hosted locally on the machine that was also doing the DAQ, and we were able to just use HTTP, not HTTPS. In my project I'm logging data to an InfluxDB database via http protocols. Does this also support TLS 1.2, as opposed to just SSL? This is for LabVIEW 2019 SSL_connect:SSLv3/TLS read server key exchangeįrom what I understand in the debug trace above, the client do not even send the certificate key.For the LabVIEW HTTP Client VIs, there is a "ConfigSSL.vi" where we are able to give it CA certification, key information, etc for security. SSL_connect:SSLv3/TLS read server certificate I am stuck at the end of this: # openssl s_client -connect :443 -showcerts -debug -state Here is the last command with more debug info. So I have difficulties to debug.ĭo you have an idea of what is happening here? I am not comfortable at all with TLS protocol, and I am working on a Linux build on Yocto on which I don't have the hand at all. * TLSv1.3 (OUT), TLS handshake, Finished (20):īy doing a little digging, I tried some command found online but I get stuck all the same: $ openssl s_client -connect :443 -showcertsĭepth=2 C = BE, O = GlobalSign nv-sa, OU = Root CA, CN = GlobalSign Root CAĭepth=1 C = BE, O = GlobalSign nv-sa, CN = GlobalSign CloudSSL CA - SHA256 - G3ĭepth=0 C = US, ST = California, L = San Francisco, O = "Fastly, Inc", CN = r. * TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1): * TLSv1.3 (IN), TLS handshake, Finished (20): * TLSv1.3 (IN), TLS handshake, CERT verify (15): * TLSv1.3 (IN), TLS handshake, Certificate (11): * TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8): * TLSv1.3 (IN), TLS handshake, Server hello (2): * TLSv1.3 (OUT), TLS handshake, Client hello (1): If I use TLS 1.3, everything works fine: $ curl -vvv -tlsv1.3 -tls-max 1.3 -ipv4 * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):įrom here, I can't do anything, not even CTRL+C the command. * TLSv1.2 (IN), TLS handshake, Server finished (14): * TLSv1.2 (IN), TLS handshake, Server key exchange (12): * TLSv1.2 (IN), TLS handshake, Certificate (11): * TLSv1.2 (IN), TLS handshake, Server hello (2): * TLSv1.2 (OUT), TLS handshake, Client hello (1): Here is what is happening, using as example $ curl -vvv -tlsv1.2 -tls-max 1.2 -ipv4
#Openssl test tls 1.2 with cert download
I am trying to download from a website that forces TLS 1.2 version (), and I get stuck just after handshake.