zello-channel-api icon indicating copy to clipboard operation
zello-channel-api copied to clipboard

Published 20 hours ago verified publisher icon zelloptt

Zello Channel API - Embedded Device

Open AndyW999 opened this issue 1 year ago • 3 comments

We are currently working on putting the channel API interface on a embedded board.

From my testing I see that both secure - wss://zellowork.io - and non-secure - ws://zellowork.io - are both supported.

Due to the problems in getting a long term peer TLS certificate as the unit will need to operate for up to 10 years without updates will the non-secure method be allowed to continue to operate and used long term?

Thanks

Andy.

AndyW999 avatar Sep 21 '22 09:09 AndyW999

Hi @AndyW999 - unfortunately no, as we continue to improve our organizational security posture we cannot guarantee the insecure version will be available that long. I understand the concerns about TLS certs, is there no way you could arrange for this specific configuration to be field-upgradeable?

vocoded avatar Sep 21 '22 13:09 vocoded

Thanks for the prompt response! The places these things are usually put, is it usually not possible. They will not allow external servers for upgrades as they may not longer be there in the future - like a lot of IOT stuff that is there one day and gone the next... Which cert do you actually use so I can configure my peer cert for testing?

AndyW999 avatar Sep 21 '22 14:09 AndyW999

You can retrieve current certificate details using openssl, like:

openssl s_client -connect zellowork.io:443 -servername zellowork.io -state -debug

vocoded avatar Sep 27 '22 13:09 vocoded

Thanks!

Andy.

AndyW999 avatar Nov 01 '22 14:11 AndyW999