Skip to main content

TLS for JSON APIs, MQTT, and browser-based apps

Configure a FairCom server to use TLS for JSON APIs, MQTT, and browser-based apps

Abstract

Configure a FairCom server to use TLS for JSON APIs, MQTT, and browser-based apps

FairCom servers include a built-in app server that supports FairCom’s JSON APIs, browser-based applications, and MQTT broker. The app server communicates over TCP/IP ports using HTTPS, WebSocket, and MQTT protocols.Connect

You enable and configure listeners for these ports and protocols in the services.json file. You must use different ports for TLS and non-TLS connections. For TLS connections, configure the "tls" property for a listener, such as the following HTTPS configuration.

{ 
  "serviceName": "https8443", 
  "description": "Port 8443 using TLS-secured HTTPS protocol", 
  "port": 8443, 
  "protocol": "https", 
  "enabled": true, 
  "tls": {   
    "certificateFilename": "server.crt",   
    "privateKeyFilename": "server.key",   
    "certificateAuthoritiesFilename": "ca.crt",   
    "allowedCipherSuites": "AES256-SHA256" 
  }
}

Tip

You can run the nmap command line utility against FairCom's default app server port 8443 to verify the TLS ciphers in use. Linux includes nmap and you can install nmap on Windows and MacOS.

nmap-p 8443 -v -Pn --script ssl-enum-ciphers localhost