I use HTTPS - initialization of SSL is made with wip_SSLInit. I recognize that the duration of calling different pages varies - the time between creating the data channel with wip_getFileOpts and the first event WIP_CEV_OPEN.
Could it be that the SSL library has a certain number of SSL certificates, which are trusted? Where can I get a list of those certificates, which are trusted from OpenAT?
Hi,
Have you got the OpenAT Framework installed?
If so, you should see the actual code for HTTPS sample, for example:
C:\Program Files\Sierra Wireless\Embedded Software\com.wavecom.openat.ide.spm.lib.plugin.model.Security.1.16.0.201206041340_1.16.0.201206041340\resources\Security\samples\wipssl_https_client\src
Actually, we can specify the cert trusted by including them when we compile the source, there are no cert trusted by default ASAIK…
Hope it helps.
Thanks for reply.
I know the example.
Then I ask myself why calling different https pages varies in time!!!
When I call Google it lasts 2 seconds between wip_getFileOpts and WIP_CEV_OPEN. When I call the page of our company it lasts at least 40 seconds. In my internet browser I have to add the https page of our company to the trusted pages by hand, and Google is trusted automatically. So I thought OpenAT behaves the same.
Hiya,
Sounds like you have a self-signed certificate on your internal server - which doesn’t have the trust chain required to install automatically. The google certificate will be signed by a trusted registrar and have a trust chain back to the registrar to prove that it’s valid.
I wonder if the long connection times for your company certificate that you’re seeing OpenAT is to do with the way that the certificate trust chain is being traversed (and because it’s a self-signed certificate, there’s some sort of timeout being triggered before the response is being returned to you).
ciao, Dave