Configuring an SSL-Authenticated APRS-IS Port
YAAC can communicate with the APRS-IS network on the Internet. To
create an APRS-IS connection that is authenticated by SSL certificate (currently an experimental
feature only supported by a few APRS-IS Tier 2 servers) rather
than by the insecure passcode scheme, first import your ARRL Logbook of the World
private key and public certificate, then click the Add button on the Ports tab of
the Configure dialog, then change the Port Type to SSL-APRS-IS. The dialog
will then appear like this:
The options to be set for an SSL-authenticated APRS-IS connection are:
- The Internet domain name of the APRS-IS gateway to be
connected to. An alias for all world-wide Tier 2 gateway known to support SSL
is pre-provided for selection, but any other APRS-IS gateway's
domain name may be typed in as well (assuming that gateway supports SSL).
- The TCP port number at the gateway to connect to. The most
common port numbers are provided, and 24580 should be selected
unless a non-standard port is needed for some reason on a custom
gateway.
- The filter expression for receiving traffic from APRS-IS. If
a filter expression is not specified and this APRS-IS port is either not enabled for transmission
or YAAC does not have a local RF port (Serial_TNC
or AGWPE ports) declared and
the standard filtered port (24580) is specified, a default radius filter of 80 kilometers
around the fixed latitude and longitude defined for the beacon
will be used. If the beacon latitude and longitude are not
specified, a default radius filter of 50 kilometers around 39°15'N,
76°36'W (the location of the 2011 ARRL/TAPR DCC) will be used.
If the APRS-IS connection is enabled for transmission and has a local RF port
defined, no default filter will be applied; it is expected that
the APRS-IS backbone servers will then only forward packets addressed
to stations that have sent packets into the APRS-IS from here.
- Whether or not this port can transmit messages into APRS-IS;
if a valid private key and public certificate is not available for the specified callsign,
the APRS-IS network will reject the connection attempt even for receive-only.
- Which of potentially several beacon definitions will be transmitted
through this port. If none is checked when the port configuration is
saved, the default beacon will be used (and will show up as checked when
this configuration panel is next opened). To specify that a beacon should
not be sent out this port, a beacon should be selected that is not enabled
on the Beacon tab of the expert-mode configuration dialog.
The "Test Port" button provides a means of verifying that you have connected to the correct place;
it opens a terminal window connected to the configured APRS-IS server so that you can manually
test the server for the desired operation. To complete testing, close the terminal window.
If both an APRS-IS port and an RF port are opened, YAAC expects to be used as an I-gate
(Internet gateway) station. This tutorial explains more
about I-gating.