lhmathys Posted July 10, 2012 Posted July 10, 2012 Recently I purchased the ISY994i, and setup the web server to be exposed to the internet. I bought an SSL certificate from GoDaddy (2048 bit encryption), and it works great in regular browsers like IE, Chrome and Firefox. However, I cannot access the ISY on my Android devices using either the browser or the Mobilinc app. I contacted GoDaddy, and they told me that the problem is caused by the intermediate certificate not being installed correctly on the hosting server (the ISY). Any suggestions on how to install the intermediate certificate with my standard certificate? Thanks...
Michel Kohanim Posted July 10, 2012 Posted July 10, 2012 Hello lhmathys, Unfortunately this is going to be a little difficult since ISY sends a certificate as is (does not chain them). So, the only thing I can think of (which might not work) is to add the certificate explicitly to your device (so that it will always trust this certificate from this host). OR, you could something more risky by trying to chain the certificates and then load them into ISY. With kind regards, Michel
lhmathys Posted July 10, 2012 Author Posted July 10, 2012 I tried to chain the certificate to the intermediate/root "bundle" that GoDaddy gave to me, but I don't think that the ISY import took all of them. I suspect it imported just the server certificate and stopped there. I still get the untrusted certificate warning on my Android browsers. Is this a software issue in the ISY and can it be fixed in a subsequent release?
Michel Kohanim Posted July 10, 2012 Posted July 10, 2012 Hello lhmathys, We are working on a security pack for 994 which includes support up to TLS 1.2. This said, adding support for intermediate certificate installation was not on our list. I cannot guarantee that we would implement it mostly because our development is based on demand and ROI. At the moment, you are the only one (in our history) to have ever asked for it and thus no much demand. If it turns out to be something simple, we will surely add it while going through the security pack. With kind regards, Michel
Recommended Posts