ESP8266 Developer Zone

Re: SSL Connect.

2015-01-05T14:15:19+08:00

Espressif_Faye wrote:
:o

Sorry.. Please change it back..
int ICACHE_FLASH_ATTR asn1_validity(const uint8_t *cert, int *offset, X509_CTX *x509_ctx)
{
return (asn1_next_obj(cert, offset, ASN1_SEQUENCE) < 0 ||
asn1_get_utc_time(cert, offset, &x509_ctx->not_before) ||
asn1_get_utc_time(cert, offset, &x509_ctx->not_after));
}

And try this..

It works very nice,thank you very much.

Statistics: Posted by younger — Mon Jan 05, 2015 2:15 pm

Re: SSL Connect.

2015-01-05T14:04:49+08:00

Sorry.. Please change it back..
int ICACHE_FLASH_ATTR asn1_validity(const uint8_t *cert, int *offset, X509_CTX *x509_ctx)
{
return (asn1_next_obj(cert, offset, ASN1_SEQUENCE) < 0 ||
asn1_get_utc_time(cert, offset, &x509_ctx->not_before) ||
asn1_get_utc_time(cert, offset, &x509_ctx->not_after));
}

And try this..

Statistics: Posted by ESP_Faye — Mon Jan 05, 2015 2:04 pm

Re: SSL Connect.

2015-01-05T10:20:03+08:00

Espressif_Faye wrote:
Please try this:

Hi Espressif_Faye,

Does it work after modify this code?

I have tried this but still fail.

Code:

ip:192.168.1.126,mask:255.255.255.0,gw:192.168.1.1
user_esp_platform_dns_found 111.206.227.37
user_esp_platform_connect
espconn_ssl_connect 0x3fff5a00 0x3fff59a0 0x00006338 1073699992
client handshake start.
espconn_ssl_client ssl_ctx 0x3fff5cf0
send_raw_packet pkt_size 56
send_raw_packet Length 56
espconn_ssl_csent 0x3fff5a00 0x3fff5dbc 56
espconn_ssl_crecv 409 0x3fff5d90 0x3fff5978
do_clnt_handshake: 107 2
do_clnt_handshake: 107 11
Error: Invalid X509 ASN.1 file (X509 not ok)
send_raw_packet pkt_size 7
send_raw_packet Length 7
client handshake failed
espconn_ssl_cclose 0
espconn_ssl_cclose_cb 10 0
send_raw_packet pkt_size 7
send_raw_packet Length 7
user_esp_platform_discon_cb
user_esp_platform_reconnect

Statistics: Posted by younger — Mon Jan 05, 2015 10:20 am

Re: SSL Connect.

2015-01-05T09:33:29+08:00

Please try this:

Statistics: Posted by ESP_Faye — Mon Jan 05, 2015 9:33 am

Re: SSL Connect.

2015-01-04T21:07:41+08:00

Espressif_Faye wrote:
Does your server （111.206.227.37） has port 443 ？

Only port 2001.

Statistics: Posted by younger — Sun Jan 04, 2015 9:07 pm

Re: SSL Connect.

2015-01-04T17:42:06+08:00

Does your server （111.206.227.37） has port 443 ？

Statistics: Posted by ESP_Faye — Sun Jan 04, 2015 5:42 pm

Re: SSL Connect.

2015-01-04T14:09:36+08:00

Espressif_Faye wrote:
It seems that SSL certificate of your server is not correct， so the connecting fails.

What do you want to do？

The server is JD-Cloud server ,I just use ESP8266 to connect it,but it is fail.

But another code in cyassl "CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0)" will be OK, and the SSL_VERIFY_NONE seems ignored the verify result to ensure the connect suuceed.

In ESP8266 use axtls for ssl, how can I achieve it for SSL_VERIFY_NONE? Maybe I must transplant cyassl instead of axtls in ESP8266?

Statistics: Posted by younger — Sun Jan 04, 2015 2:09 pm

Re: SSL Connect.

2015-01-04T14:06:35+08:00

It seems that SSL certificate of your server is not correct， so the connecting fails.

What do you want to do？

Statistics: Posted by ESP_Faye — Sun Jan 04, 2015 2:06 pm

SSL Connect.

2015-01-04T10:59:29+08:00

Hi ,
I have connected to a ssl server, but it is always failed. The ip and port is 111.206.227.37:2001.

I want to have SSL_connect succeed even if verifying the server fails and reducing security, may like "SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0)" in cyassl.

How to do like this in ESP8266 sdk ?

Statistics: Posted by younger — Sun Jan 04, 2015 10:59 am