SageTV Community  

Go Back   SageTV Community > SageTV Development and Customizations > SageTV Customizations

SageTV Customizations This forums is for discussing and sharing user-created modifications for the SageTV application created by using the SageTV Studio or through the use of external plugins. Use this forum to discuss customizations for SageTV version 6 and earlier, or for the SageTV3 UI.

Reply
 
Thread Tools Search this Thread Display Modes
  #1  
Old 01-28-2017, 07:50 AM
tmiranda's Avatar
tmiranda tmiranda is offline
SageTVaholic
 
Join Date: Jul 2005
Location: Central Florida, USA
Posts: 5,266
SSL HowTo?

I'm trying to add SSL support to my Echo skill with little success. The basic problem is that I don't know much about SSL

Here is the relevant code snippit:

Code:
        try {
            numberSent++;
            URL url = new URL(protocol, host, port, line);
            Log.log.info("sendMsg: Sending <"+url+">");

            HttpURLConnection httpConnection = null;
            HttpsURLConnection httpsConnection = null;
            
            // Open the connection.
            if (isSsl) {
            	HostnameVerifier hostnameVerifier = new HostnameVerifier() {
            		@Override
            		public boolean verify(String hostname, SSLSession session) {
            			return true;
            		}
            	};
            	
                httpsConnection = (HttpsURLConnection)url.openConnection();
                httpsConnection.setDoOutput(true);
                httpsConnection.setRequestMethod("GET"); 
                httpsConnection.setHostnameVerifier(hostnameVerifier);
                HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);
                httpsConnection.setRequestProperty("Content-Type", "application/json");
            } else {
                httpConnection = (HttpURLConnection)url.openConnection();
                httpConnection.setDoOutput(true);
                httpConnection.setRequestMethod("GET");            	
            }
            
            // Set the password.
            if (user != null && password != null) {
                String encodedBytes = DatatypeConverter.printBase64Binary((user + ":" + password).getBytes(StandardCharsets.UTF_8));   
                if (isSsl) 
                	httpsConnection.setRequestProperty("Authorization", "Basic " + encodedBytes);
                else
                	httpConnection.setRequestProperty("Authorization", "Basic " + encodedBytes);
            }
One of the Echo users has graciously let me run tests on his SSL connection and I am getting this error:

Exception: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
__________________

Sage Server: ASUS/Intel C2D based system w/4GB RAM. Win7, Hauppauge PVR 150, Hauppauge HVR-2250 and an HDHR. Runs headless. Accessed via VNC when necessary. Four HD-300 Extenders.
Reply With Quote
  #2  
Old 01-28-2017, 09:08 AM
EnterNoEscape's Avatar
EnterNoEscape EnterNoEscape is offline
Sage Icon
 
Join Date: Jun 2010
Location: Harrisburg, PA
Posts: 1,826
I think it may have to do with the certificate being self-signed (not issued by a trusted certificate authority). This information is old, but should be relevant.
__________________
SageTV v9 Server: ASRock Z97 Extreme4, Intel i7-4790K @ 4.4Ghz, 32GB RAM, 8x 3TB 7200rpm HD, 2x 5TB 7200rpm HD, 4x 256GB SSD, 4x 500GB SSD, unRAID Pro 6.3.0-rc6 (Dual Parity + SDD Cache).
Capture: 1x Ceton InfiniTV 4 (ClearQAM), 2x Ceton InfiniTV 6, 1x BM1000-HDMI, 1x BM3500-HDMI.

Clients: 1x HD300 (Living Room), 1x HD200 (Master Bedroom).
Software: OpenDCT :: WMC Live TV Tuner
Reply With Quote
  #3  
Old 01-28-2017, 10:18 AM
KarylFStein KarylFStein is offline
Sage Expert
 
Join Date: Apr 2006
Location: Westland, Michigan, USA
Posts: 688
EnterNoEscape is right about the cause. I sent you a PM with some SSL background and a trust chain you may use if you're using my server as a test. (Let's Encrypt Authority X1 is the issuer.)
Reply With Quote
  #4  
Old 02-18-2017, 05:58 AM
jonnydeath jonnydeath is offline
Sage User
 
Join Date: Apr 2008
Posts: 51
I did this with my skill for ssl:
input = input.replace(/\s+/g, '-');

var https = require( 'https' );
var options = {
host: ipAddress,
port: port,
auth: authString,
path: basePath + 'Watch&1=' + input + '&2=' + extender + '&encoder=json',
rejectUnauthorized: false,
requestCert: true,
agent: false
};





var request = https.get( options, function( response ) {
Reply With Quote
  #5  
Old 04-30-2017, 04:57 PM
mike1961 mike1961 is offline
Sage Icon
 
Join Date: Dec 2005
Location: California
Posts: 1,469
I'm not sure if this is a sage question but I too wanted ssl for my web server application I wrote. I used the free stunnel app which gives 128bit SSL and it's free at stunnel.org. It's really easy to set up and allows you to easily select your unencrypted port (ie: say port 5000) and then it forwards to to a port you configure to be encrypted (ie: say port 5001). Then you can just port forward 5001 on your router for external use. It's quick and easy to set up and you can get SSL going in as little as 5 minutes. I'm not sure if that's what you might be looking for but it can make any port SSL this way.
Reply With Quote
  #6  
Old 05-02-2017, 02:03 PM
tmiranda's Avatar
tmiranda tmiranda is offline
SageTVaholic
 
Join Date: Jul 2005
Location: Central Florida, USA
Posts: 5,266
Quote:
Originally Posted by mike1961 View Post
I'm not sure if this is a sage question but I too wanted ssl for my web server application I wrote. I used the free stunnel app which gives 128bit SSL and it's free at stunnel.org. It's really easy to set up and allows you to easily select your unencrypted port (ie: say port 5000) and then it forwards to to a port you configure to be encrypted (ie: say port 5001). Then you can just port forward 5001 on your router for external use. It's quick and easy to set up and you can get SSL going in as little as 5 minutes. I'm not sure if that's what you might be looking for but it can make any port SSL this way.
I was trying to go the other way. I need my app to establish an SSL connection.
__________________

Sage Server: ASUS/Intel C2D based system w/4GB RAM. Win7, Hauppauge PVR 150, Hauppauge HVR-2250 and an HDHR. Runs headless. Accessed via VNC when necessary. Four HD-300 Extenders.
Reply With Quote
  #7  
Old 05-08-2017, 10:59 PM
mike1961 mike1961 is offline
Sage Icon
 
Join Date: Dec 2005
Location: California
Posts: 1,469
I'm confused - if your app is a web server then you can use stunnel with your app and then you can use any web browser such as internet explorer, firefox, etc. Otherwise, if you are writing your own web server and client (rather than using a web browser as the client) then you might want to look into the chilkat ActiveX controls for AES encryption at chilkatsoft or just write your own encryption routines before sending the data over the socket. Chilkat has a ton of activex controls and are reasonably price with royalty free redistribution.

Are you trying to use SSL with your app so that users can use a web browser or are you also providing the client app as well? That will determine whether you can use the free stunnel app.

Also, I'm trying to understand what your app is for? Is it for sagetv or something else?

Last edited by mike1961; 05-08-2017 at 11:01 PM.
Reply With Quote
  #8  
Old 05-09-2017, 06:40 AM
KarylFStein KarylFStein is offline
Sage Expert
 
Join Date: Apr 2006
Location: Westland, Michigan, USA
Posts: 688
Quote:
Originally Posted by mike1961 View Post
I'm confused - if your app is a web server then you can use stunnel with your app and then you can use any web browser such as internet explorer, firefox, etc. Otherwise, if you are writing your own web server and client (rather than using a web browser as the client) then you might want to look into the chilkat ActiveX controls for AES encryption at chilkatsoft or just write your own encryption routines before sending the data over the socket. Chilkat has a ton of activex controls and are reasonably price with royalty free redistribution.

Are you trying to use SSL with your app so that users can use a web browser or are you also providing the client app as well? That will determine whether you can use the free stunnel app.

Also, I'm trying to understand what your app is for? Is it for sagetv or something else?
The app is a client that needs to connect to web servers over SSL.
Reply With Quote
  #9  
Old 05-09-2017, 06:22 PM
mike1961 mike1961 is offline
Sage Icon
 
Join Date: Dec 2005
Location: California
Posts: 1,469
I'm not sure how to advise him in that situation. I would think there would be certain protocols the server would expect.
Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
HOWTO for upgrading 6.6 -> 7.1.9 ? Grant.Edwards SageTV Linux 2 08-27-2011 04:35 PM
Howto get two HD-PVR working? zoltran Hardware Support 19 01-29-2009 01:51 PM
Network Encoder HowTo bcjenkins SageTV Software 15 06-28-2007 06:02 AM
WinAmp howto? moamoa SageTV Customizations 5 11-29-2006 06:21 PM
Sage SDk? howto? oshapir SageTV Beta Test Software 1 05-07-2004 07:29 AM


All times are GMT -6. The time now is 03:33 PM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Copyright 2003-2005 SageTV, LLC. All rights reserved.