Hi all, We are trying to upgrade our Mobilink 16 server to Mobilink 17 with HTTPS, but i can not find any proper documentation about certificate creation. The old HTTPS certificate is incorrect for the version 17. So anybody know a link about certificate creation or is there a step by step tutorial somewhere? We are using android clients with UltraliteJ and on server side Mobilink 17. For certificate creation i tried createcert.exe(Every time i get an error during synchronization from client). Best regards: Kornel Veres asked 05 Dec '18, 08:00 Kornel86 |
I fixed the problem after reading Chris documentation although the documentation is not correct. I created a root certificate with 6,7 key option then i used this certificate for signing the server certificate which was created 1,3,4,5 key options. Then i used the server identity for mobilink server configuration without trusted_certificate parameter. On client side i used the above linked code but i needed to set the followings: Without these, you can not use HTTPS connection with custom certification because on the server side you can not use Thank you for all your help. Br.: Kornel answered 06 Dec '18, 05:35 Kornel86 |
It would be helpful to know the error that you are getting.
I would review the SA 17 new features section "Strong encryption now achieved using OpenSSL" found at this link.
Hi Chris,
All the time i get this message E. 2018-12-05 15:10:06. <1> [-10117] Stream Error: The TLS handshake failed, error code 0x140890c7
I am 95% sure that i generate the client certificate wrong but i can not find out what am i missing or what is the proper way for the creation.
On the server i use createcert.exe to create a selfsigned root certificate. During generation i select 'N' for Certificate Authority and 1,3,4,5,6 options for Key usage. At the end i get a certificate with private key and identity.
Maybe i need to create a root self signed certificate with 5,6 key options and Certificate Authority with Y. Then create another certificate for server and client and sign with the root certificate?
Br.: Kornel