A roUrlTransfer object transfers data to or from remote servers specified by URLs. It can perform mutual authentication with a web server.
This object is created with no parameters:
If using HTTPS, you must specify a certificates file by calling SetCertificatesFile() with a .pem file that includes the certificate authority cert (like Verisign, Thawte, etc… or your own with OpenSSL) that signed your web server certificate. This must be called before making a request. You can use the Roku standard cert bundle (which contains certificates for most common signing authorities) stored in common:/certs/ca-bundle.crt.
Your web server can authenticate that the requested connection is from a Roku Streaming Player and that the request is from your application by taking the following actions:
- Add the Roku CA certificate to the web server's certificate authorities keychain. The Roku CA certificate is available in the SDK distribution package, in certs/cacert.pem
- Configure your web server to reject any connection that does not have a valid client certificate.
- Check the X-Roku-Reserved-Dev-Id header in the request. It should contain the Developer ID of your application. If it does not, another application on the Roku is attempting to access the server, so the request should be rejected.
In order for your web server to perform the steps above to authenticate your Roku Streaming Player, your application needs to call the following functions before performing any https requests: