Jump to content

SSL connection certificates for "Uplift"-ed regions/simulators


You are about to reply to a thread that has been inactive for 122 days.

Please take a moment to consider if this thread is worth bumping.

Recommended Posts

Not sure whether this is the correct sub-forum for my topic. Please move if necessary.

I'm working on developing a piece of semi-interactive software connecting to Second Life in Java using libomv-java.

Connecting my agent to unchanged regions works fine using the SSL certificate for the Agni grid provided by LL.

How do I connect to uplifted regions? Where do I find the necessary SSL certificate (either a *.pem or *.crt file) for the Uplift-ed regions running on AWS EC2 instances?

Link to post
Share on other sites
15 minutes ago, HiEnergy said:

Not sure whether this is the correct sub-forum for my topic. Please move if necessary.

I'm working on developing a piece of semi-interactive software connecting to Second Life in Java using libomv-java.

Connecting my agent to unchanged regions works fine using the SSL certificate for the Agni grid provided by LL.

How do I connect to uplifted regions? Where do I find the necessary SSL certificate (either a *.pem or *.crt file) for the Uplift-ed regions running on AWS EC2 instances?

I'm not sure if they are going to be given or useable yet.  from what we understand the ip and naming is not going to be working much if any at all.   so @Oz Linden   what can you tell us?

  • Like 1
Link to post
Share on other sites
1 hour ago, animats said:

Is this for inbound HTTPS, where you request a URL in a prim and try to connect to it from outside SL?

No, we're not talking LSL in my case.

It's for a program controlling an Agent (aka. bot) that's written in Java and uses the libomv-java for communication with the Second Life servers (simulators, inv/asset servers, CAPS servers and whatnot).

The library requires a certificate to make the SSL (https) connections to the various services for Second Life work.

in pre-"Uplift" times two Linden Labs SSL certificates (one for Aditi and one for Agni) were published, those worked well with my software. Of course those certificates don't work with the new AWS EC2 instances (which is intended as they're not Linden Labs, which the certificates certify).

Where do I find the new certificates for the AWS EC2 instances?

Link to post
Share on other sites
6 hours ago, HiEnergy said:

The library requires a certificate to make the SSL (https) connections to the various services for Second Life work.

in pre-"Uplift" times two Linden Labs SSL certificates (one for Aditi and one for Agni) were published, those worked well with my software. Of course those certificates don't work with the new AWS EC2 instances (which is intended as they're not Linden Labs, which the certificates certify).

What you did before was use the specific certificates installed on the individual simulator hosts; that works, but isn't very flexible. Since we changed the domain name in the cloud, those certificates would no longer match the hostname and would not be valid. Instead, we had to generate new certificates, but those new certificates are signed by the same Linden Lab Certificate Authority certificate that the datacenter hosts were. If you put that certificate in the set that your system trusts to sign host certificates, then you'll be able to validate any certificate it signs and trust it.

The Linden Lab CA Certificate is at https://bitbucket.org/lindenlab/llca/raw/master/LindenLab.crt

  • Like 2
  • Thanks 3
Link to post
Share on other sites
35 minutes ago, Oz Linden said:

What you did before was use the specific certificates installed on the individual simulator hosts; that works, but isn't very flexible. Since we changed the domain name in the cloud, those certificates would no longer match the hostname and would not be valid. Instead, we had to generate new certificates, but those new certificates are signed by the same Linden Lab Certificate Authority certificate that the datacenter hosts were. If you put that certificate in the set that your system trusts to sign host certificates, then you'll be able to validate any certificate it signs and trust it.

The Linden Lab CA Certificate is at  https://bitbucket.org/lindenlab/llca/raw/master/LindenLab.crt

Ty!

Link to post
Share on other sites
2 hours ago, Oz Linden said:

What you did before was use the specific certificates installed on the individual simulator hosts; that works, but isn't very flexible. Since we changed the domain name in the cloud, those certificates would no longer match the hostname and would not be valid. Instead, we had to generate new certificates, but those new certificates are signed by the same Linden Lab Certificate Authority certificate that the datacenter hosts were. If you put that certificate in the set that your system trusts to sign host certificates, then you'll be able to validate any certificate it signs and trust it.

The Linden Lab CA Certificate is at https://bitbucket.org/lindenlab/llca/raw/master/LindenLab.crt

Installing the Linden Lab CA Certificate solved the problem. My program now works flawlessly on the AWS EC2 simulators.

Thank you very much, @Oz Linden - I appreciate your help.

  • Like 2
Link to post
Share on other sites
You are about to reply to a thread that has been inactive for 122 days.

Please take a moment to consider if this thread is worth bumping.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...