How do I work with secure SSL web services?

Introduction

Iguana’s built-in web server supports SSL, so you can connect to and create secure web services.

Issue [top]

How to work with secure SSL web services.

Solution [top]

To connect to a secure web service

You can use SSL with the net.http.xxx{} library (get, put, post and delete), just put the SSL certificate details in the ssl table parameter. For details see the API documentation net.http – using http connections.

The simplest connection code is something like this:

URL = 'https://<secure site name>'

SSL = {cert='/filepath/to/self_cert_test_keys/c', 
   key='/filepath/to/self_cert_test_keys/privkey.pem',
   verify_host=false, verify_peer=false} -- verify peer needs a "Certificate Authority file"

function main()
   -- get data from secure web service
   local R = net.http.get{url=URL, live=true, ssl = SSL}
   trace(R)
end

To create a secure web service

You must enable HTTPS in Settings>HTTP(S) Channels and enter the SSL certificate file details (no code changes are required).

Note: If you select Verify Peer you will also need a Certificate Authority File.

To set the Iguana web server to use SSL

This will apply SSL to the Iguana web APIs, i.e., monitor_query{} etc.

URL = 'https://localhost:6543/monitor_query'

SSL = {cert='/filepath/to/self_cert_test_keys/c', 
   key='/filepath/to/self_cert_test_keys/privkey.pem',
   verify_host=false, verify_peer=false} -- verify peer needs a "Certificate Authority file"

AUTH = {username='admin',password='password'}

function main()
   -- get data from secure web service
   local R = net.http.get{url=URL, live=true, 
      auth=AUTH, ssl = SSL}
   trace(R)
end

You must enable HTTPS in Settings>Web Server and enter the SSL certificate file details (no code changes are required).


How to create self-certified SSL certificates for testing

A simple way to create your certificate and public key file is to use openssl. See how to create self-certified SSL certificate and public key files for more information.

Tip: You can also use SSL with the To/From LLP components and with net.ftps, and net.smtp.