Black Lives Matter - Action and Equality. ... Adafruit joins the Stop Hate for Profit campaign.
0

[SOLVED]Need some TLS details
Moderators: adafruit_support_bill, adafruit

Forum rules
If you're posting code, please make sure your code does not include your Adafruit IO Active Key or WiFi network credentials.
Please be positive and constructive with your questions and comments.

[SOLVED]Need some TLS details

by _edx_ on Fri Jun 07, 2019 7:33 pm

Hi there,

I'm able to establish the comunication without TLS, but now is time to add the secure layer to the conection, so a little help would be appreciated.

Does the TLS of io.adafruit.com uses Public key or Stream ciphers or Hash?
If it's a Public key what algorithm is utilize (RSA, or PSK, etc)?
If it's a Stream does it use (AES, or DES, etc)?
If it's a Hash does it use (sha512, or sha256, or MD5, etc)?
Where can i find the keys or how can i create'em?
Does the IO_KEY is the cert?

Thanks :-)
Last edited by _edx_ on Mon Jun 10, 2019 7:39 pm, edited 1 time in total.

_edx_
 
Posts: 3
Joined: Fri Apr 19, 2019 7:05 pm

Re: Need some TLS details

by abachman on Mon Jun 10, 2019 2:30 pm

Hi _edx_,


We offer TLS based connections for HTTPS on port 443 and MQTTS on port 8883. We don't have additional encryption beyond that. You'll need to use https:// or mqtts:// for your connection to be secured.

Using openssl tells me this about our cert:
Code: Select all | TOGGLE FULL SIZE
$ openssl s_client -showcerts -servername io.adafruit.com -connect io.adafruit.com:443 </dev/null
...
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384



- adam b.

abachman
 
Posts: 352
Joined: Mon Feb 01, 2010 12:48 pm

Re: Need some TLS details

by _edx_ on Mon Jun 10, 2019 5:12 pm

Thanks so much abachman, this information will help me to just compile the necessary ciphers.

Regards :-)

abachman wrote:Hi _edx_,


We offer TLS based connections for HTTPS on port 443 and MQTTS on port 8883. We don't have additional encryption beyond that. You'll need to use https:// or mqtts:// for your connection to be secured.

Using openssl tells me this about our cert:
Code: Select all | TOGGLE FULL SIZE
$ openssl s_client -showcerts -servername io.adafruit.com -connect io.adafruit.com:443 </dev/null
...
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384



- adam b.

_edx_
 
Posts: 3
Joined: Fri Apr 19, 2019 7:05 pm

Please be positive and constructive with your questions and comments.