Connect site with SSL

Good Day
Posts: 3
Joined: Thu Apr 01, 2021 3:02 pm

Connect site with SSL

Postby Good Day » Thu Apr 01, 2021 3:34 pm

Dear all,

I know that SSL connection problem with AT command can be found in this BBS.

And I already refer "https://bbs.espressif.com/viewtopic.php?f=16&t=3381&p=73870&hilit=ssl#p73870" but it doesn't helpful.

I used ESP-WROOM-02D and please check below firmware information.

AT+GMR
AT version:1.7.3.0(Mar 19 2020 18:15:04)
SDK version:3.0.3(8427744)
compile time:Mar 24 2020 16:16:12
Bin version(Wroom 02):3.0.3
OK

In my board, with below AT command sequences,

> AT+CIPMUX=1
> AT+CIPSSLSIZE=4096
> AT+CIPSTART="SSL","site's URL",443

"www.google.com" can be connected but "arduino.cc" can not be connected.

How I can check and solve problem?
Do there need more AT commands?

I want to check my own web server, but I think "arduino.cc" has same problem.
So I asked about "arduino.cc" first.

Thanks.

Good Day
Posts: 3
Joined: Thu Apr 01, 2021 3:02 pm

Re: Connect site with SSL

Postby Good Day » Fri Apr 09, 2021 6:23 pm

After connect "google.com" with SSL mode, I asked GET messages like below.

"GET /index.html HTTP/1.1 Host: google.com"

And I can see below message.

"HTTP/1.1 301 Moved Permanently
Location: https://www.google.com/
Content-Type: text/html; charset=UTF-8"

I'm not sure, I connect google with HTTPs or not.

And there are descriptions for "+CIPSSLCCONF".
Am I set it with esp_ca_cert.bin and esp_cert_private_key.bin?

Thans in advance.

Her Mary
Posts: 494
Joined: Mon Oct 27, 2014 11:09 am

Re: Connect site with SSL

Postby Her Mary » Mon Apr 12, 2021 11:34 am

If you set it as

Code: Select all

AT+CIPSTART="SSL",xxxx
then it should be SSL connection. Or maybe you can try to capture Wi-Fi packets to make sure of it.
And some SSL server may need certificates to connect to it, but google.com is not one of them.

Good Day
Posts: 3
Joined: Thu Apr 01, 2021 3:02 pm

Re: Connect site with SSL

Postby Good Day » Tue Apr 13, 2021 8:39 am

Dear Her Mary,

Thanks for your reply.
Would you check below comments?

* I don't change firmware and I used it original one.

1. I used same AT commands except for TCP and SSL in "AT+CIPSTART" for different URLs and "AT+CIPSSLSIZE=4096" for only SSL.
I wonder there need additional or different AT commands or not.

2. Would you explain how I can "capture Wi-Fi packets to make sure of it"?

3. You said "some SSL server may need certificates to connect to it, but google.com is not one of them".
"https://www.arduino.cc/" is public domain.
Would you share example to access "https://www.arduino.cc/" by using AT commands?

Thanks.

Who is online

Users browsing this forum: No registered users and 4 guests