Joe Schofield Posted February 18, 2015 Posted February 18, 2015 I'm debugging an issue a user of my app is reporting where they see login failed after entering their username and password. I'm using the latest official release 4.2.18. It appears I'm working fine with server settings of TLS 1.0, 1.1, and 1.2. Also, I can set the server to High and that works as well. I'd like to better understand the verify option. I understand the ability of a server to challenge a client by asking for a certificate, but I'm not sure that's what the verify option is doing. Also, I'd like to better understand what the client settings are for and are those REQUIREMENTS for any client connecting or are they settings for the dashboard java app to connect with. Finally, I'd like to understand how to generate certificates that will work for the ISY. Unfortunately, the help option on the dashboard app did not provide anything useful. All of this is probably in a manual somewhere. And, I realize I could spend some time digging this information out of the forums, but I was hoping I could get a link to this documentation where I could carefully read about all the options. Thank you, Joe
Joe Schofield Posted February 18, 2015 Author Posted February 18, 2015 (edited) Uh, nevermind. I just clicked the magic sequence of Wiki Links, Request and Manager SSL Certificates, ISY994 Seriies Network Guide. Seems like all I wanted is in plain sight and I only had to spend a minute *thinking* about how to get the information. This is all so embarassing. Sorry for the question. Edited February 18, 2015 by Joe Schofield
Michel Kohanim Posted February 18, 2015 Posted February 18, 2015 Hi Joe, Verify means that: 1. Server - when a client (such as your app) connects to ISY, then ISY will ask for a certificate from it and the certificate must be signed by a CA that is stored in ISY (under CA) 2. Client - when ISY connects to a server (such as gmail), then ISY will ask the server for a certificate and the certificate must be signed by a CA that is stored in ISY (under CA) In most cases, Verify should not be checked unless all CAs are stored in ISY. With kind regards, Michel
Recommended Posts