What is TLS Connector?
A TLS Connector adds a layer of security to a normal TCP socket. First, the device establishes a normal TCP connection. Onomondo then connects to a TLS server on your end, which establishes a secure TLS socket, and finally pipes data between the two.
From the device's point of view, it will look like a normal TCP socket; from the server's side, it will look like a secure TLS socket.
Note: A TLS Connector establishes an encrypted connection between device and server. Other Connectors communicate one-way, sending events to the server (e.g. Microsoft Azure).
Setting up with HTTP
For simplicity, we will use the HTTP application layer protocol, as it is a common example.
HTTP and HTTPS send data in the same way, except that HTTPS establishes a TLS (encrypted) connection before any data is sent. So, basically, introducing the TLS Connector is like adding the "S" to HTTPS.
Using HTTP: HTTP servers often check for the correct Host header in the requests being sent. If the server is not set to allow the dummy IP the device is sending (i.e. 1.2.3.4), it will return a 402 error to the device.
This can be fixed by either:
Updating the server to accept the dummy IP
Stopping the server from checking the HOST header
Adding the correct HOST header on the device
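The Host header mismatch, with the first and third fixes applied, as an added example that is not part of the original article or Onomondo's own code. The hostname iot.example.com, the /ingest path and the allow-list are assumptions made for illustration.

```python
# Added example: hostname, path and allow-list are assumptions, not Onomondo values.
DUMMY_IP = "1.2.3.4"             # dummy IP from the article
SERVER_NAME = "iot.example.com"  # hypothetical hostname of your HTTPS server


def build_request(path, body, host=DUMMY_IP):
    """Plain HTTP/1.1 POST as the device would write it to its TCP socket."""
    head = (
        f"POST {path} HTTP/1.1\r\n"
        f"Host: {host}\r\n"
        "Content-Type: application/json\r\n"
        f"Content-Length: {len(body)}\r\n"
        "Connection: close\r\n\r\n"
    )
    return head.encode("ascii") + body


def host_header(raw):
    """Return the Host value (lower-cased, port stripped), or None if absent."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    for line in head.split("\r\n")[1:]:  # skip the request line
        name, _, value = line.partition(":")
        if name.strip().lower() == "host":
            # Drops an optional ":port"; IPv6 literals are not handled here.
            return value.strip().lower().split(":")[0]
    return None


def server_accepts(raw, allowed_hosts):
    """The Host check a server or reverse proxy applies before routing."""
    return host_header(raw) in allowed_hosts


def demo():
    body = b'{"temp": 21.5}'  # constructed sample payload
    default = build_request("/ingest", body)                  # Host: 1.2.3.4
    fixed = build_request("/ingest", body, host=SERVER_NAME)  # fix on the device
    return {
        "default request, strict server": server_accepts(default, {SERVER_NAME}),
        "server also allows dummy IP": server_accepts(default, {SERVER_NAME, DUMMY_IP}),
        "device sends real Host": server_accepts(fixed, {SERVER_NAME}),
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {'accepted' if ok else 'rejected'}")
```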
What needs to be set up?
From the device side, you just need to use HTTP protocol and send the data to an HTTP endpoint.
You need to set up an HTTPS server (for example on AWS / Heroku) to receive the information, and include the encryption key and crt files.
In the Onomondo app, create a TLS Connector with the HTTPS endpoint and port number.
Send an HTTP request from the device.
Example of how to set up a new connector in the Onomondo app:
What is happening?
When the data is received by the Connector, it will establish a TLS connection with the HTTPS endpoint and send the data securely to the endpoint. As the HTTPS server has the encryption files, these will be exchanged while the TLS connection is being established. Key, Cert and CA parameters are optional and can be used to create stronger security.
Adding a Passthrough
An optional addition is setting up a passthrough. This identifies exceptions that the Connector will not pick up and send to the HTTPS endpoint specified in the Connector. Here are a few examples:
Sending a ping
Selecting the passthrough for packets with the ICMP protocol.
Allowing DNS server lookup
Selecting the passthrough for packets with the UDP protocol on port 53.
Adding an FTP / Firmware update server
Selecting a passthrough can also be set by a protocol and a specific IP address.
Does TLS Connector only work with HTTP(S)?
No. It can be used whenever you have a TCP socket and need to establish a secure TLS connection so that the device can talk with the server. For example, a device can send a JSON object to a TLS server through a TLS Connector.
Not receiving the information at the endpoint?
There could be many reasons why data was not received by your server.
If there are any errors received between the server and the Connector, you will find them in the Error Logs in the Onomondo App.
For more information on this feature, check out this help article: What are Error Logs.
If you encounter any issues with the TLS Connector setup, feel free to contact us at [email protected].