- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
can you guys check out if you can connect to the Azure Event Hub over TLS connection? Today all our WICED modules stopped sending data to the hub - very critical issue.
After investigation it seems that the error coming out of ssl_handshake_client_async is 4294966880 = FFFFFE60 = -0x01A0 = TLS_ERROR_X509_CERT_UNKNOWN_SIG_ALG. It seems that Microsoft updated their certifcates today.
Azure Event Hub for test:
host: seltronhomeweu0000stg.servicebus.windows.net
post: 443
We are using version 2.4.1. and we have also reproduced this issue on 3.1.2.
Thanks,
Matej
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It seems that Service Bus team renewed the *.servicebus.windows.net certificate which resulted in SHA256 type certificate being issued which is the Microsoft default for compliance reasons. The previous certificate was SHA1 certificate.
Assistance on this issue will be greatly appreciated.
Regards,
Matej
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Just a comment on this. I am experiencing what I think is a similar issue. I (with WICED 2.4.1) am able to initialize both root ca and client certificates that are signed with the SHA1 algorithm, but none signed with SHA256.
I am wondering if this is a bug or if SHA256 is just not supported and if SHA256 is not supported by besl, are there plans to add support for it now that SHA1 is being deemed as insecure?
Jake
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Any success solving this?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Unfortunately not, very disappointed how Broadcom is addressing customer issues.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Its very strange, I have had good response on some issues from Broadcom, but other items seem to not get any response at all. Very hit or miss. The other users have been very helpful. Unfortunately, this issue is killing us here and I am going to have to search for work arounds. If you run across anything, let me know. I'll do likewise.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I wish you very best. We have given up for now regarding this issue. If anything comes up, I will let you know.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi, I would like to respond on security related threads.
I am sorry you ran into problems and apologize for slow response. We can and will do better.
By way of background, we are the OEM supplier of the uSSL SDK included in WICED SDK.
The Broadcom WICED team adapted uSSL into WICED, including modifications adding it to the platform framework.
They call the shots on what goes into WICED, including new features and bugfixes, and we don't have any direct control over it.
However, at Cypherbridge our mission is to deliver the best possible leading edge solutions for embedded IoT security and
connectivity. We do offer an option for WICED customers to work with us directly for support and upgrades,
including customized builds. To get the latest and greatest features and direct technical support, please contact us
on our WICED support page, include your company contact information, and we can take it from there.
www.cypherbridge.com/WICED.html
Best Regards,
Steve DeLaney
President
Cypherbridge Systems