cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Community Tip - You can subscribe to a forum, label or individual post and receive email notifications when someone posts a new topic or reply. Learn more! X

ThingWorx 8.1 Cross Platform Highlights: Security

No ratings

Updates:

App Keys defaults

- Now stored in secure keystore

- Newly created app keys stored automatically

- On upgrated existing app keys are migrated to secure keystore

Change the app key default expiration time to 1 day

- Changed from 100 years

- UI date picker

- If date not picked now defaults to 1 day

Best Practice:

- Carefully consider expiration

- Set to desired value at time of creation

- Scripts should carefully choose time

-Knowledge base article in the works

Edge SSL updates

C SDK TLS/SSL:

C-SDK support for OpenSSL:

- Version 1.0.2 that supports tls  1.2.

- Tomcat 8 compatible ciphers

- EMS will follow soon

BYO SSL

- Abstraction layer &Documentation

- Path to building any SSL for supported environments

- Porting

- Different version of open ssl: straight forward

- Other SSL: some expertise required

- Enables other SSL providers:

- Burden to validate on SDK developer

Possibilities:

-AxTLS

-WolfSSL

-Mocana

EMS improvements

SafeInt Library

-C++ library

-Helps prevent integer overflows

Better certificate loading support

-EMS and LUA script resource can authenticate

-Bidirectional

EMS's HTTP server now defaults to requiring authentication for LSR

Overall theme: secure by default

Q: If appkey expired in 1 day, does a new one get automatically created?

A: Automatic one is not created, change the expiration date when creating the app key. When it expires - have to create a new one.

Version history
Last update:
‎Sep 29, 2017 02:32 PM
Updated by:
Labels (1)