Orion Context Broker HTTPS for subscribers

Question

Very simply question: Does the Orion Context Broker support SSL for subscribers:

Ex.: Can the callback URL for subscriptions be https://mysimpleexample.com/notify

<

Answer 1

You are right: -https CLI is about activating HTTPS in the (sever side) Orion NGSI API. It is not related with the notifications sent by Orion.

Orion doesn't support directly (client side) HTTPS notifications but the functionality could be achieved using an HTTP relayer, such as Rush. Using an HTTP releayer has additional advantages such as relieving Orion from dealing with notification fails, retries, etc.

Orion-Rush integration is not yet achieved, but it is in our short-term roadmap. Please, have a look (and eventually subscribe to, if you want to know when the functionality gets implemented) to https://github.com/telefonicaid/fiware-orion/issues/251

UPDATE: Orion-Rush integration for HTTPS was implemented in Orion 0.13.0. See "Security considerations" section at Orion user manual.

UPDATE: Rush has been added as part of the global context management instance, so CB at orion.lab.fi-ware.org nos supports HTTPS notifications. However, a bug currently makes CB ignore default port for "https" URL scheme, so use 443 explicitly (eg. https://foo.bar:443/path).

UPDATE: the bug mentioned in the previous update note is fixed in Orion release 0.17.0.

UPDATE: since verion 1.7.0, Orion implements native HTTPS notifications (i.e. without needing Rush).