Roku Developer Program

Developers and content creators—a complete solution for growing an audience directly.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
sj_dev
Level 8

What does SetCertificatesFile() actually do?

Please help in understanding what does SetCertificatesFile() actually do?

 

Also how to validate if it is correctly implemented?

 

Thanks

0 Kudos
3 Replies
renojim
Level 21

Re: What does SetCertificatesFile() actually do?

I'm not the best person to answer this, but I'll give it a shot.  The certificates file contains the public certificates required to make a secure connection.  The built-in one Roku supplies has most of the certificates you'd need to connect securely to most sites.  If you can connect to https://whatever.com then it's working.

When you'd need to specify a different certificates file is when you want to provide your own public certificate.  I've done this for my own self-signed certificate to connect to my server securely.

I can't find it, but @belltown had a good explanation of all this way back when.

0 Kudos
sj_dev
Level 8

Re: What does SetCertificatesFile() actually do?

Thank @renojim.

Just wanted to be sure. Does it take care of two way ssl handshake internally?

Whenever server sends the authentication challenge to the client, does client cancels the request if it fails to verify the server trust. i.e if the server certificates are not matched to the certificates provided by us.

I am unable to figure out this functionality as nowhere it is mentioned about the same

0 Kudos
renojim
Level 21

Re: What does SetCertificatesFile() actually do?

It will fail if everything doesn't check out.  You can use EnablePeerVerification(false) and/or EnableHostVerification(false) to bypass the checks, but my thought is that if you have to use either of them then something isn't right.

0 Kudos