LabVIEW

Hi, 

How are you setting up the connection? Are you using the LabVIEW SMTP functions as mentioned here?  

There is some information on the Config TLS VI from this library which can be used to set the client certificate here. Could that be useful for you? 

If this is not relevant to your application, could you possibly send us more information on how you have set up the connection and perhaps screenshots of your code? 

Kind Regards, 

Riley Ilieva

Applications Engineer

National Instruments 

Hi Riley,

The required use is for secured TCP/IP access, something long-time missing from LabVIEW.

The product I support needs to be able to handle secured (SSL/TLS) connections to configure, manage and update external devices.

Ideally this would be through .NET calls, without any need for additional .DLL's, Synchronous and supporting a Client-side Certificate.

The Server-side example (link) has most of these requirements met.  Unfortunately I need a Client-side version, for which no examples are available.

Hi, 

Thank you for the clarification. I see that the client case has not been posted. I will check with a specialist to see if such an example is available anywhere. 

Many Thanks, 

Riley Ilieva

Applications Engineer

National Instruments 

Hi,

I have just hear back from our specialists. Thank you for the patience. 

It is possible to set up the client side and we could provide suggestions on how to do this but we would need a bit more information about your application. It is vital to know as much as possible so that we can recommend the easiest way to achieve that.

Our questions are as follows:

1. What is the application doing and how is it built?

     What functions are you using now?
     Why are you looking at .NET assemblies as a tool?
     What connection are you setting up? e.g connecting to a database, reading an email, basic get or post requests
     Are there web services running? 
2. How have you setup the server? Is it exactly as in the example or are there any modifications?

The easiest way to achieve this would be through LabVIEW Web Services. See attachment for an example which hosts an html page on the LabVIEW web service with a self-signed certificate. You can tell that it's SSL secured because of the HTTPS prefix (and browsers will have a little lock icon before the URL).

To run the web service:

1) Right click on the Web Service and publish it. (Under application web Server)

2) Follow the instructions on this link below to SSL secure the web service.

3) Make sure HTTPS is working by accessing the following URL - https://localhost:8081/WebTestForWindows/Add?x=2&y=5

4) Run the AccessMethodVI and see that it finds the same information.

Other information on the topic: 

• Securing the Web Server with SSL (Windows) - LabVIEW 2013 Help - National Instruments
• LabVIEW Web Services Security - National Instruments
• Configuring Web Services Security (Real-Time, Windows) - LabVIEW 2014 Help - National Instruments

Many Thanks, 

Riley Ilieva

Applications Engineer

National Instruments 

Please, add native SSL/SSH support for raw TCP connections in LabVIEW. Not everything can be done via web services. There are cases where you need to connect to something via SSH a server using basic TCP. It is clear that you have the basics in place to do this because it is supported via web services. Please expose this so we have that option in our tool box. As security becomes more of a concern we need to be able to utilize encrypted connections in our code.

---

@Riley_Ilieva wrote:

Hi,

 

I have just hear back from our specialists. Thank you for the patience. 

 

It is possible to set up the client side and we could provide suggestions on how to do this but we would need a bit more information about your application. It is vital to know as much as possible so that we can recommend the easiest way to achieve that.

 

Our questions are as follows:

1. What is the application doing and how is it built?

     What functions are you using now?
     Why are you looking at .NET assemblies as a tool?
     What connection are you setting up? e.g connecting to a database, reading an email, basic get or post requests
     Are there web services running? 
2. How have you setup the server? Is it exactly as in the example or are there any modifications?

  

---

Riley,

What we (my company) are using is a basic serial protocol, using a "request (/control) and reply" mechanism.  We translated that serial protocol to a tcp/ip-version, and because of customer demand we want to make that tcp/ip-version secure using SSL/TLS.

The server example I referred to is quite close to how we would want the client side to operate.  This has nothing to do with smtp, web services or all that.

We use basic open/close TCP/IP connection primitives in LabVIEW, combined with basic read and write primitives.  We like to be able to do these SSL/TLS secured.

Differences I already mentioned:

- Not only a server side certificate, but also a client side certificate.

Also, we might want to recognize the device by serial number or MAC address instead of a network resolved hostname (the SSL/TLS default).  Not sure if this has consequences for the client side.

Hi Ettepet, 

Thank you for the clarification, I think we misunderstood how you were setting this up with our earlier suggestion. 

If you want to specifically use SSL with our raw TCP/IP functions, to my understanding, we don't have a native, built-in way of achieving this. This doesn't mean it is impossible, but it is definitely a HUGE undertaking and this is why there is not an example of how to do this. 

We will see if we can find an implementation for thus but otherwise unfortunately we might not have an example for this. 

Many Thanks, 

Riley Ilieva

Applications Engineer

National Instruments 

Actually I'm pretty sure that there is NO usable way to do SSL communication with the current LabVIEW TCP nodes. While OpenSSL and the like do allow to setup a socket in such a way that it "almost" transparently works through the standard WinSock functions, the difficulty is that this has to be done explicitly at the time the socket is created (TCP Create Listener for the server side and TCP Open for the client side) there is currently no way to get at the underlying socket at that moment. At the time the TCP Create Listener and TCP Open nodes return control to the diagram it is basically to late to try to plugin an SSL handler into the socket.

Rewriting the entire TCP/IP nodes to allow this is indeed a major undertaking that I did attempt at some point and even got it working to the point that I could do HTTPS communication over an encrypted SSL socket but the whole thing is not quite up to what I would consider a stable user experience. And other projects have kept me from investing more time into this until now.

Rolf Kalbermatter
My Blog

---

@Riley_Ilieva wrote:

Hi Ettepet, 

 

Thank you for the clarification, I think we misunderstood how you were setting this up with our earlier suggestion. 

 

If you want to specifically use SSL with our raw TCP/IP functions, to my understanding, we don't have a native, built-in way of achieving this. This doesn't mean it is impossible, but it is definitely a HUGE undertaking and this is why there is not an example of how to do this. 

 

We will see if we can find an implementation for thus but otherwise unfortunately we might not have an example for this. 

 

Not at all.  As the topic title mentions I want to use .NET calls to do the secure communication, just like in the relatively simple server side example I referred to.  As you can see there many people posted a request for the client side version in LabVIEW.

NB: The "raw TCP/IP" stuff comes from people who want NI to finally offer native SSL/TLS support in LabVIEW, which is not the subject of this topic.  The place for that is this IDEA, a much belated request which NI so far has completely ignored.