Using HTTPS on a Roku device

I was once developing a Roku application and switched from a staging environment to (what was supposed to be) an identical production environment and everything stopped working. It turned out that the only difference with the API was one was HTTP and one was HTTPS. I know, cool story, bear with me.

Generally for a HTTP request you have something like this sat in a task node (to make it asynchronous):

function httpGetRequest(url as String) as Object
	request = createObject("roUrlTransfer")
	request.setURL(url)
	response = request.getToString()
	return response
end function

This is simplified version of what you actually would have as Roku isn’t the best at handling anything other than POST/GET requests - you’d need to handle these yourself (I’ll cover this in another post).

To enable HTTPS you have to set the certificates file and then initialise it. The certificate file is either the .pem file on your web server or the common one listed below (if you don’t know try it with the file listed below, it is included on all Roku boxes). Add the following to the code we wrote above:

if left(url, 5) = "https" then
	request.setCertificatesFile("common:/certs/ca-bundle.crt")
	request.initClientCertificates()
end if

The complete request would look something like this:

function httpGetRequest(url as String) as Object
	request = createObject("roUrlTransfer")
	if left(url, 5) = "https" then
		request.setCertificatesFile("common:/certs/ca-bundle.crt")
		request.initClientCertificates()
	end if
	request.setURL(url)
	response = request.getToString()
	return response
end function
Mood