EasyCwmp
My View | View Issues | Change Log | Roadmap | My Account
  

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0000113easycwmp[All Projects] Questionpublic2016-01-13 08:472016-01-26 11:13
Reporterswcims 
Assigned Tomohamed.kallel 
PrioritynormalSeverityminorReproducibilityalways
StatusresolvedResolutionno change required 
PlatformOpenWRTOSLinuxOS Version
Summary0000113: How to set ssl related configuration in easycwmp?
DescriptionI want to test SSL encryption and certificate in easycwmp.
I have set ACS url with "https://", [^] but don't know how to configure the "ssl_cert", "ssl_cacert" and "ssl_verify" options.
In openwrt, there are /etc/uhttpd.crt and /etc/uhttpd.key files, they work properly for https visiting.
Can I use them for easycwmp?How to configue in easycwmp?
Is there any example to configure these options?
Thanks!
TagsNo tags attached.
Attached Files

- Relationships

-  Notes
(0000374)
mohamed.kallel (manager)
2016-01-13 09:36

 you have to configure the following parameters in your easycwmp config file:
easycwmp.@acs[0].ssl_cert : path of the ssl cert file
easycwmp.@acs[0].ssl_cacert : path of the ssl cacert file
easycwmp.@acs[0].ssl_verify : should be set to enabled value if you wan easycwmp make ssl peer verification otherwise the easycwmp will not make the ssl peer verification
(0000375)
swcims (reporter)
2016-01-13 09:56

 Hi Manager,
  I configure them as following:
  easycwmp.@adcs[0].ssl_cert='/ect/uhttpd.cert'
  easycwmp.@acs[0].ssl_cacert='/ect/uhttpd.cert'
  easycwmp.@acs[0].ssl_verify='1'
  restart easycwmpd, it displayed: unable to use client certificate (no key found or wrong pass ph rase?)
  If I only configured
  easycwmp.@acs[0].ssl_verify='1'
  It displayed: ssl problem:self signed certificate in certificate chain
  Would you please provide your advice? Thanks!
(0000376)
mohamed.kallel (manager)
2016-01-13 10:28

 for easycwmp.@acs[0].ssl_verify='1'
it should be easycwmp.@acs[0].ssl_verify='enabled'
(0000377)
swcims (reporter)
2016-01-13 11:11

 Yes, I set "enabled" in /etc/config.(It will interpret to be '1' )
Would you please provide advice for the error messages? Thanks!
(0000378)
mohamed.kallel (manager)
2016-01-13 11:29

 There is some improvement that I can do concerning the ssl part. But I can not do it right now since I m involved on other issues. You can refer to our commercial services to get a quick improvement for this issue or you can play wil libcurl options to get the ssl working.
(0000379)
swcims (reporter)
2016-01-13 11:59

 Got it, thanks!
(0000380)
swcims (reporter)
2016-01-19 05:20

 Modified curl and fixed.
(0000383)
mohamed.kallel (manager)
2016-01-19 09:07
edited on: 2016-01-19 09:50

 Could you please share what you have modified
(0000390)
swcims (reporter)
2016-01-26 10:53

 Actually, curl-7.43.0 can resolve this issue.

- Issue History
Date Modified Username Field Change
2016-01-13 08:47 swcims New Issue
2016-01-13 09:36 mohamed.kallel Note Added: 0000374
2016-01-13 09:56 swcims Note Added: 0000375
2016-01-13 10:28 mohamed.kallel Note Added: 0000376
2016-01-13 11:11 swcims Note Added: 0000377
2016-01-13 11:29 mohamed.kallel Note Added: 0000378
2016-01-13 11:59 swcims Note Added: 0000379
2016-01-19 05:20 swcims Note Added: 0000380
2016-01-19 09:07 mohamed.kallel Note Added: 0000383
2016-01-19 09:50 mohamed.kallel Note Edited: 0000383 View Revisions
2016-01-26 10:53 swcims Note Added: 0000390
2016-01-26 11:13 mohamed.kallel Status new => resolved
2016-01-26 11:13 mohamed.kallel Resolution open => no change required
2016-01-26 11:13 mohamed.kallel Assigned To => mohamed.kallel

Copyright © 2000 - 2021 MantisBT Team
Powered by Mantis Bugtracker