Security in Development Environments
If you are developing an application and want to test it over HTTP, it is possible, although NOT recommended.
 |
Use the settings described here ONLY while developing an application in a closed environment. For security best practices, do NOT use them in production.
|
To set it up, set the security-related properties on the ClientConfigurator
• AllowSelfSignedCertificates(Boolean) — Set to false by default. If you want to use self-signed certificates during development, set this property to true. When you move to a production environment, make sure this property is set to false. If you set this property to true, you do NOT need to set the DisableCertValidation property.
• DisableCertValidation(Boolean) — Set to true to notify the TLS library to not validate the server certificate. Be sure to set it to false before moving to a production environment. If you set this property to true, do not set the AllowSelfSignedCertificatis property to true. The self-signed certificate will be ignored if this property is set to true.
• Uri(String uri) — Sets the URI that is used for connecting to the ThingWorx platform. This URI is in the following form:
◦ Non-secure websockets: ws://<server>:<port>/ThingWorx/WS
Where <server> is the IP address or domain name of the ThingWorx Platform and <port> is the port on which the platform is listening.