cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Community Tip - You can Bookmark boards, posts or articles that you'd like to access again easily! X

Connect Agent .NET by WSS to Thingworx

AlessandroN
11-Garnet

Connect Agent .NET by WSS to Thingworx

Hi all,

I'm trying to connect my .NET agent to Thingworx using a secure websocket connection (WSS), I've already configured my tomcat, and from Chrome it works successfully on HTTPS.

 

1 - Every time i try to connect, the client gives me back this error 

(ATTACHED_1)

 

2 - the client has been configured this way, using a config file for edit connection's details.

(ATTACHED_2)

 

3 - I can't understand why i have to specify the location of the Server Certificate on the Client side!
     Doesn't it should be retrieved by the client on the initial handshake?


Thanks in advance!!

7 REPLIES 7
ckaminski
13-Aquamarine
(To:AlessandroN)

Hello, Allessandron: 

 

Can you please post the error you are seeing?  It does not show up in the post.

 

Regards,

-Chris Kaminski

Hi ckaminski, I'm sorry for that :D
I've just edited.

ckaminski
13-Aquamarine
(To:AlessandroN)

Ideally the server would provide it's public key and the intermediate CA key as well to build a route of trust to a known root.   If you have no known roots in your environment you would need to provide that to the end device.

 

Are you using a self-signed certificate?  Is so, the following properties are set to true, I assume:

  • ClientConfigurator.AllowSelfSignedCertificates = true
  • ClientConfigurator.DisableCertValidation = true

 

Hi, yes my configuration is:

 

// TLS
            CertFileInfo serverCertFileInfo = new CertFileInfo();
            serverCertFileInfo.FilePath = ConfigurationManager.AppSettings["ServerCertificateFilePath"].ToString();
            serverCertFileInfo.CertType = 1; // '0' for axTLS
            config.ServerCertFileInfo = serverCertFileInfo;
            
            CertFileInfo clientCertFileInfo = new CertFileInfo();
            clientCertFileInfo.FilePath = ConfigurationManager.AppSettings["ClientCertificateFilePath"].ToString();
            clientCertFileInfo.CertType = 1; // '0' for axTLS
            config.ClientCertFileInfo = clientCertFileInfo;
            KeyFileInfo keyFileInfo = new KeyFileInfo();
            keyFileInfo.FilePath = ConfigurationManager.AppSettings["ClientKeyFilePath"].ToString();
            keyFileInfo.Passphrase = ConfigurationManager.AppSettings["ClientKeyFilePassphrase"].ToString();
            keyFileInfo.KeyType = 0;
            config.ClientKeyFileInfo = keyFileInfo;
            
            config.AllowSelfSignedCertificates = Boolean.Parse(ConfigurationManager.AppSettings["AllowSelfSignedCertificates"].ToString());
            config.DisableCertValidation = Boolean.Parse(ConfigurationManager.AppSettings["DisableCertValidation"].ToString());

 

For the certificates, I'm using self-signed and I created them for the CA, .NET Application and TW Tomcat.
1- On the tomcat I've already set up the server.conf, indeed I'm able to use HTTPS by Chrome)

2- Chrome shows it as trusted, since I added the CA cert to my Windows (Client) trusted roots.

3- Actually i don't wanna validate Client cert on the server, just validate the Server.

3- I'm not able to connect with Thingworx over WSS since on the client it gives me back this error: "com.thingworx.communications.client.TwApiWrapper Error: 0 : [Error] twWs_Connect: Error trying to connect"

Hi Alessandro,

What flavor of the .NET SDK are you using ? FIPS or AxTLS ?

 

slangley
23-Emerald II
(To:AlessandroN)

Hi @AlessandroN.

 

If you have found a solution to your problem, please post it here or mark one of the previous responses as the Accepted Solution.  If you are still having issues, please let us know.

 

Regards.

 

--Sharon

slangley
23-Emerald II
(To:AlessandroN)

Hi @AlessandroN.

 

From reviewing the information you provided, there could be a number of things going on.  With your approval, I will be happy to open a case for this so that it can be worked over a WebEx.

 

Please let me know if you would like to move forward with that approach.

 

Regards.

 

--Sharon

Top Tags