From Friday, April 19th (11:00 PM CDT) through Saturday, April 20th (2:00 PM CDT), 2024, ni.com will undergo system upgrades that may result in temporary service interruption.

We appreciate your patience as we improve our online experience.

Home Community Idea Exchange LabVIEW Ideas Idea

LabVIEW Idea Exchange

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
RichardJennings

SSL TLS Support

Submitted by Member on ‎06-26-2016 11:54 AM 32 Comments (32 New)
Status: Completed

Available in LabVIEW 2020 and later. The TLS functions are available in the Functions > Data Communication > Protocols > TCP > Transport Layer Security (TLS) palette.

LabVIEW needs native SSL/TLS support for the TCP primitives. The HTTP functions support it (see \vi.lib\httpClient\ConfigSSL.vi). There are several great LabVIEW native MQTT libraries that could be commercially usable if there was native SSL/TLS support. Not having this functionality for the TCP primitives makes LabVIEW a poor choice for an IoT platform.

32 Comments
Darren
Proven Zealot
Proven Zealot
‎04-28-2020 10:36 AM
‎04-28-2020 10:36 AM
Status changed to: Completed

Available in LabVIEW 2020 and later. The TLS functions are available in the Functions > Data Communication > Protocols > TCP > Transport Layer Security (TLS) palette.

0 Kudos
ctennies
Member
Member
‎05-21-2020 02:49 PM
‎05-21-2020 02:49 PM

Ok so now TLS is natively supported.  What about SSL?  I am not an expert on network comms so I hope I am just missing something obvious.  I have been using encryption compendium for labview to do my SSL but it is expensive.  If there is some way I can do SSL with the new TLS functions could someone point me in the right direction.  the 2 examples that ship with 2020 have not helped me thus far.

 

thanks

0 Kudos
ctennies
Member
Member
‎05-21-2020 02:54 PM
‎05-21-2020 02:54 PM

forgot to mention encryption compendium for labview does not support 2020 yet - they "LVS" expect that out in the august time frame.  I tried the version that does work for 2018 on 2020 and they are right - no go.  they claim to always be about 3 months behind the labview release

0 Kudos
rtollert
Member
Member
‎05-21-2020 04:31 PM
‎05-21-2020 04:31 PM

TLS is the new SSL. When SSLv3 was revised to fix security issues, the resulting protocol was not called SSLv4, it was TLSv1.0.

 

This is not a recent change, either. TLSv1.0 was released in 1999.

 

The term SSL is still used a lot, and it rolls off the tongue better than TLS. And OpenSSL never changed its name, etc. The fact remains that the literal SSL protocol is today considered highly insecure and should never be used except for legacy deployments where you can’t help it.

 

Accordingly, the LabVIEW 2020 documentation has been modified in places to refer to “TLS/SSL” where it previously referred to “SSL”.

0 Kudos
ctennies
Member
Member
‎05-22-2020 07:14 AM
‎05-22-2020 07:14 AM

thank you for that clarification.  for what I am doing I need to be doing SSL over raw tcp.  so I take it the new TLS functions wont help me and I need to stay with encryption compendium.  Is this something I could do with Open SSL instead ?  I will have to look at it.  thanks again

0 Kudos
ctennies
Member
Member
‎05-22-2020 07:33 AM
‎05-22-2020 07:33 AM

I get a bad cipher error at the "Start TLS Function.vi"and am using the same .PEM file I have always used with encryption compendium.  I realize this is not a troubleshooting venue here so if you or someone can point me to documentation to help me sort that out it may do the trick.  thanks again

0 Kudos
rtollert
Member
Member
‎05-22-2020 07:36 AM
‎05-22-2020 07:36 AM

Sight unseen, you might see that if your certificate uses MD5.

0 Kudos
ctennies
Member
Member
‎05-22-2020 07:39 AM
‎05-22-2020 07:39 AM

I believe it does - thank you

0 Kudos
rtollert
Member
Member
‎05-22-2020 07:45 AM
‎05-22-2020 07:45 AM

You probably already know this, but in the interests of full disclosure — MD5 has been considered insecure for certificate validation purposes since before 2005. You really should get new certificates with eg SHA2 if the peer supports it.

0 Kudos
ctennies
Member
Member
‎05-22-2020 07:51 AM
‎05-22-2020 07:51 AM

Thank you - I will talk to the people on the other side of the wire - this helps alot

0 Kudos