Page 1 of 1

How to use the sntp protocol on the ESP8266 to connect to a server in ssl?

Posted: Mon Jul 23, 2018 6:11 pm
by Clancys
Hello,

I am using an ESP8266 with the esp-open-sdk with the C language.

I have tried to use this code to get the timestamp but it is failing everytime - I am only getting 0 :
sntp_set_timezone(2);
sntp_setservername(0, "fr.pool.ntp.org");
sntp_init();
timestamp = sntp_get_current_timestamp();
os_printf("time : %d and %s\n", timestamp, sntp_get_real_time(timestamp));

As you may have understand from the subject, i am trying to connect to a server to do an https request (i am using the espconn_secure_*** functions) but it is failing everytime.
It may be because of the time (can't authenticate the certificate because of the validity over time) or because of a non-supported protocol. The TLS protocol is used for the secure transaction, the server is using TLSv1.2 and i read on internet that the ESP8266 was only supporting TLSv1.1; Is that right?
Another strange thing is that after i try to establish the tcp connection, i get the timestamp correctly.

You can see next how i am trying to connect to the server - at address 0x70000 there is the CA of the server i am trying to connect the ESP:
espconn_secure_ca_enable(1, 0x70);
espconn_secure_connect(&conn);

Am i using espconn_secure_ca_enable correctly? Am i giving him the correct document to process? Is this function necessary?
Any remarks or commentary are highly appreciated.
Clancys

Re: How to use the sntp protocol on the ESP8266 to connect to a server in ssl?

Posted: Wed Nov 28, 2018 5:23 pm
by Clancys
Hello back,

I have finally found what was happening.
You almost have to do exactly what Espressif is doing in their example,
the SNTP function needs some time given through the os_timer_...
Then you just have to wait for the sntp to get the time and
you can use the ssl function as much as you want.

Clancys.

Re: How to use the sntp protocol on the ESP8266 to connect to a server in ssl?

Posted: Tue Jan 29, 2019 5:31 pm
by Her Mary
That's true. SSL certificate will have an expire date, so you need to get the sntp time at first to see if the SSL certificate expired. Otherwise the SSL will fail.