Overview
This guide provides a details about security guide for fixed readers while logging in using RFID3 API
Details
Fixed readers comes up with self-signed certificate in order to have secure communication between application and reader, reader should be configured to use https.
Note: For firmware version above 3.10.30 reader will automatically force the user to switch to https and change the password on first login.
In order for app to communicate with the reader using https, set the secure mode in login_info to HTTPS.
Setting it up
Connecting to a reader with CA signed Certificate
In order to make sure that connection is fully secure between the reader and the app, an appropriate CA signed certificate must be installed on the reader.
Steps for installing certificate to reader : Install-certificates
Note :CA certifate and reader certificate should use algorithm SHA-256 or above.
LoginInfo loginInfo= new LoginInfo("FX9600112233", "username", "Password", SECURE_MODE.HTTPS, false);
Add CA certificate in PEM or DER format to res/raw/cacert
Create a network_security_config.xml file in res/xml/network_security_config.xml and add the following code
In the AndroidManifest.xml file ad the following code:
Note: For more information to customize app’s certificate behavior please refer Network security configuration
Note :Certificate should be CA certificate used to generate the reader certificate and domain name should be the name given when generating certificate.