Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[hono-dev] Shutdown of insecure ports on Hono Sandbox
  • From: "Hudalla Kai (BD/PAD-COD2)" <kai.hudalla@xxxxxxxx>
  • Date: Sun, 26 Mar 2023 14:28:55 +0000
  • Accept-language: de-DE, en-US
  • Arc-authentication-results: i=1; 1; spf=pass; dmarc=pass action=none; dkim=pass; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed;; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=wKK6/cVK6vkUfuwsiNhjYt6yN/Jf/2YGJHX5XlEX0uk=; b=C5yrPDb5P5f3l7hLhVnbjnN68R91UzKjhPEL9DLQ1KuyU5/F6VJ6mkdyj+3QmYRW3PFq/W6HmkSP6eGxintaTmSdv5B6dUqos9dUrYFryB8L2xUHt3GIGhcKD1PFIj0F9d54+mhOokvtMq3l3Ykr+tRkkxeveM95D/0utn2KzIoi45CpnLo7rsHwzY3ZzGM3de1S8M4u1ctdj/vy13lgzk87bhaqgv7YhoR1PmyuUog5OBBGULVOL+ySzWRUdUXWfeATDFDDG0k5lr26kLKgBQVvjmUBmZqJKKora6NzkNezKNMr2x1TeOmiF10g3Sxgo9GpUct7CY+LeiRa8MPeqg==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901;; cv=none; b=TbBCAYuDMnXkDSWI6MDxEg/iMuKmT+ttSj032SYhs5Og4PQFMfqzgfTP3+mCC4kHjjQi7Qz+ySrwMqCIdquNVZellZhh3PrV6yjReeb8WDYosbnQIfs4fJfg/IZPS5Svgt2retNQJnjag8dCacTrCC12oxbn1BvZSaGYK8WK8cochk5v80EKYTrJdItm6YKC8A549z+bwbnoYmZPb1Mpzn3HI2xL0BNYfuFwWLp3kDDQ97FRdGm35Und9tAbxwWBH8GU6j3+n9iM/BxrSDvzA/q4ASMBWile3kr3bInUiiPuo5nQZmc1/gD34uFV6FbcicX58al+3zJ9FxRTILcPhA==
  • Delivered-to: hono-dev@xxxxxxxxxxx
  • List-archive: <>
  • List-help: <>
  • List-subscribe: <>, <>
  • List-unsubscribe: <>, <>
  • Msip_labels:
  • Thread-index: AQHZX+3sKLqvAwOZxU+44BW4muWz9A==
  • Thread-topic: Shutdown of insecure ports on Hono Sandbox

Dear Hono users,

the Eclipse Hono Sandbox [1] allows new users to test Hono's functionality without requiring them to set up their own Hono instance. The Hono components on the sandbox had always exposed both secured and unsecured ports for interacting with its API in order to keep the threshold to use the API as low as possible. The Eclipse Foundation has recently updated its security policy for operating project vServers and no longer supports unsecure endpoints.

We fully support this step towards a more secure operating environment and will therefore disable the unsecured API endpoints of the protocol adapters, the device registry and the messaging infrastructure by end of March 2023.

Users of the sandbox should update their clients to connect to the TLS secured endpoints. All components of the Sandbox use a server certificate issued by Let's Encrypt, so most (if not all) existing trust stores on clients should already contain the required CA certificates to successfully connect to the Hono Sandbox using (D)TLS.

Please create an issue in Hono's GitHub repository [2] in case of problems connecting to the secure endpoints.


Mit freundlichen Grüßen / Best regards

Kai Hudalla

Co-Development Home Team 2 (BD/PAD-COD2)
Robert Bosch GmbH | Postfach 10 60 50 | 70049 Stuttgart | GERMANY |
Tel. +49 30 726112-145 | Mobil +49 151 54336335 | Telefax +49 30 726112-100 | Kai.Hudalla@xxxxxxxxx

Sitz: Stuttgart, Registergericht: Amtsgericht Stuttgart, HRB 14000;
Aufsichtsratsvorsitzender: Prof. Dr. Stefan Asenkerschbaumer; Geschäftsführung: Dr. Stefan Hartung,
Dr. Christian Fischer, Filiz Albrecht, Dr. Markus Forschner, Dr. Markus Heyn, Dr. Tanja Rückert

Back to the top