NetBurner 3.5.6
PDF Version
HTTPS Dual Cert

NetBurner HTTPS Dual Certificate Server

Overview

This NetBurner application demonstrates a dual-certificate HTTPS/HTTP server implementation that supports both compiled-in certificates and dynamically loaded certificates from external storage. The application provides a web interface accessible via both secure (HTTPS) and non-secure (HTTP) connections, along with FTP server functionality for remote file management.

Supported Platforms

  • MODM7AE70
  • SBE70LC
  • MOD5441X
  • NANO54415
  • SOMRT1061
  • MODRT1171

Key Features

Dual Certificate Support

  • Compiled-in Certificate: Server includes a built-in certificate and private key for immediate SSL/TLS functionality
  • External Certificate Loading: Automatically detects and uses certificate files (DEVICE.CRT) and private key files (DEVICE.KEY) from external flash storage when available
  • Fallback Mechanism: Gracefully falls back to compiled-in certificates if external files are not found or invalid

Network Services

  • HTTPS Server: Secure web server running on port 443
  • HTTP Server: Non-secure web server running on port 80
  • FTP Server: File transfer protocol server on port 21 for remote file management

External Storage Support

  • Multiple Flash Card Types: Supports SD/SDHC, MMC, and Compact Flash cards
  • FAT32 File System: Full read/write access to external storage using EFFS FAT library
  • Hot-swappable Storage: Runtime detection of card insertion/removal with write protection checks

Time Management

  • NTP Client: Automatic time synchronization from network time servers
  • Manual Time Setting: Fallback manual time configuration
  • Timezone Support: Configurable timezone settings (defaults to PST/PDT)
  • RTC Integration: Support for hardware real-time clock when available

Web Interface Features

  • Dynamic Content: Web pages with embedded function calls for dynamic content generation
  • SSL/HTTP Switching: Links to switch between secure and non-secure versions of pages
  • Auto-refresh Pages: Demonstration pages with automatic reload functionality
  • Flash Card Formatting: Web-based flash card formatting utility

File Structure

Core Application Files

  • main.cpp - Main application entry point and initialization
  • cardtype.h - Flash card type configuration and selection
  • dual_mode_file_key.cpp - Dual certificate management implementation

File System Utilities

  • FileSystemUtils.cpp/.h - EFFS FAT file system wrapper functions
  • effs_time.cpp/.h - Time management and NTP client implementation

Network Services

  • ftp_f.cpp/.h - FTP server implementation for EFFS file systems
  • http_f.h - HTTP server function registration

Certificate Management

  • ServerCert.cpp - Compiled-in server certificate (PEM format)
  • ServerKey.cpp - Compiled-in private key (PEM format)

Web Content

  • index.html - Main web page with SSL/HTTP switching links
  • format.html - Flash card formatting utility page
  • repeat.html - Auto-refreshing demonstration page
  • robots.txt - Web crawler control file

Platform-Specific Files

  • ramdrv_mcf.cpp - RAM drive configuration for testing

Configuration Options

Flash Card Types

The application supports multiple flash card types configured in cardtype.h:

  • USE_SDHC: SD/SDHC cards (default for SB800EX and SOMRT1061)
  • USE_MMC: SD/MMC cards
  • USE_CFC: Compact Flash cards
  • USE_RAM: RAM-based file system for testing

Certificate Loading Priority

  1. External certificates from flash card (DEVICE.CRT and DEVICE.KEY)
  2. Compiled-in certificates (if external files not found or invalid)

Network Configuration

  • HTTPS Port: 443
  • HTTP Port: 80
  • FTP Port: 21

Usage Instructions

Initial Setup

  1. Configure flash card type in cardtype.h based on your hardware
  2. Insert properly formatted flash card (FAT32 recommended)
  3. Optionally copy certificate files (DEVICE.CRT, DEVICE.KEY) to flash card root directory
  4. Compile and deploy application to NetBurner device

Web Interface Access

  • HTTP: http://[device-ip]/index.html
  • HTTPS: https://[device-ip]/index.html
  • Format Flash: http://[device-ip]/format.html

FTP Access

  • Connect to ftp://[device-ip] for file management
  • Upload/download certificate files
  • Manage web content and application files

Serial Console Commands

  • Press 'F' to format the flash card
  • Monitor application status and debug information

Technical Implementation Details

Certificate Validation

The application validates external certificates using the NetBurner SSL library function IsSSL_CertNKeyValid() to ensure compatibility before use.

Memory Management

  • External certificate files are loaded into dynamically allocated memory
  • Automatic cleanup of memory buffers after certificate processing
  • Graceful handling of memory allocation failures

Error Handling

  • Comprehensive EFFS error code reporting with descriptive messages
  • Network retry mechanisms for robust file transfers
  • Graceful fallback to compiled-in certificates on external certificate failure

Security Considerations

  • Example certificates included are for demonstration only
  • Production deployments should use properly signed certificates
  • Web browsers will display warnings for self-signed certificates

Build Requirements

Required Libraries

  • FatFile.a: EFFS FAT file system library
  • SSL/TLS Libraries: NetBurner cryptographic libraries
  • Network Libraries: HTTP/HTTPS and FTP server libraries

NBEclipse Configuration

To include the FatFile library in NBEclipse:

  1. Right-click project and select "Properties"
  2. Navigate to "C/C++ Build -> Settings"
  3. Select "GNU C/C++ Linker -> Libraries"
  4. Add "FatFile" to the libraries list

Development Notes

This application serves as a comprehensive example of:

  • SSL/TLS certificate management in embedded systems
  • External storage integration with embedded web servers
  • Network service coordination (HTTP/HTTPS/FTP)
  • Time synchronization in embedded applications
  • Robust error handling and fallback mechanisms