Value of ca-bundle.crt?
We have developed a back-end that responds to Brightscript roUrlTransfer calls. The roUrlTransfer call includes `SetCertificatesFile("common:/certs/ca-bundle.crt")`. For purposes of debugging the b...
Forum Discussion
The call to InitClientCertificates() instructs the Roku to use Client Authentication, in addition to the Server Authentication you get with SetCertificatesFile(). With client authentication, communications with the server are encrypted using the Roku Company private key securely embedded in the Roku firmware. I'm not aware of any way to "hack" the Roku Company private key. Your server would use the Roku Company public key, which you'd have to configure the server to use, to decrypt its communications with the Roku. You can be confident that if you've configured your server correctly, any data received would be from a legitimate Roku device. Adding the developer ID header will further ensure that the data is coming from an application signed with your developer key.
Note that if you're testing your Roku channel from a side-loaded channel, then the developer ID used in the header will not be the same as one used if your channel has been loaded from the channel store. Your server software would need to take that into account.
Note that if you're testing your Roku channel from a side-loaded channel, then the developer ID used in the header will not be the same as one used if your channel has been loaded from the channel store. Your server software would need to take that into account.
