GpsGate Protocol SSL/TLS Support

The GpsGate protocol has support for SSL/TLS for secure communication. SSL2 and newer is supported.

Installation

To use GpsGate Protocol over TCP/IP with SSL (port 30177) on a server you need to do the following:

  1. Set the Server Hostname (SiteAdmin > Settings > Server Hostname)
  2. Install a valid certificate that works with the server's domain name

You can obtain a SSL certificate for a domain from a trusted third-party Certificate Authority like GlobalSign.

Usually, you should obtain a password-protected .pfx file with the certificate and the public key.

On Windows, you can double-click on such a file to install it. Follow the installation wizard. In the Certificate Store Location step, choose Local Machine, as shown in the picture below:

pic1.png

In the Certificate Store step, choose Trusted Root Certification Authorities, as shownin the picture below:

pic2.png

Self-signed Certificate

Alternatively, mainly for testing purposes, you can create a self-signed certificate (one online tool for this can be found here).

Note: When using a self-signed certificate, in addition to installing it on the server as described above, you have to install the certificate to the Trusted Root Certification Authorities on every client as well. Export the server certificate to a .pfx file and copy it to each client. Double-click the file and follow the wizard as on the server.

C# Client Side Example

var sslStream = new SslStream(
stream,
false,
_ValidateCertificate, // return sslPolicyErrors == SslPolicyErrors.None;
_SelectCertificate, // return null;
EncryptionPolicy.RequireEncryption
);
sslStream.AuthenticateAsClient(hostname);

Testing the communication

You can test the protocol using our test tool GpsGate SimOne. Download SimOne and use the following settings:

  1. Change the port number to 30177
  2. Check the SSL box
  3. Use the domain name (not the IP address) for the server