Hello!

I'm working with the sample code urlUtils.brs and attempting to load a JSON file over HTTPS.

obj = CreateObject("roUrlTransfer")
obj.SetPort(CreateObject("roMessagePort"))
obj.SetCertificatesFile("common:/certs/ca-bundle.crt")
obj.AddHeader("X-Roku-Reserved-Dev-Id", "")
obj.InitClientCertificates()	
obj.AddHeader("Content-Type", "application/x-www-form-urlencoded")
obj.EnableEncodings(true)
obj.EnableFreshConnection(true)
obj.SetUrl(url)

It appears our server is properly configured with HTTPS and is working in FireFox, CURL, and openssl.

When attempting PostFromString(request as String) we're receiving the -35 error with the following message:

error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure

I've tried a variety of certificates including the common:/certs/ca-bundle.crt as well as our own PEM file. All yield the same error and the connection does work over HTTP.

I've also confirmed our PEM file can validate when issuing a direct curl with the command: curl --cacert cert.pem https://##url.com##/roku/login (not the actual URL, just a placeholder for reference). The connection still does not work when the PEM is included within the App: obj.SetCertificatesFile("pkg:/ssl/cert.pem")

As a test, I've downgraded our server to allow SSLV3 connections. This works directly when issuing the command via curl: curl -v -3 https://##url.com## (not the actual URL, just a placeholder for reference) – The Roku is still throwing the same -35 error.

Additionally, does the Roku cache URLs and DNS? We've spun up a number of test URLs and instances and are attempting various server configuration changes and want to be sure the Roku is making connections that are not cached. I've tried turning off the power, reinstalling the App and also resetting to the default factory connection.

Does anyone have a solution or can point out what I am doing wrong? Any insight or help would be greatly appreciated.