Secure Email Using STARTTLS

Posts: 1
Joined: Tue Jan 05, 2016 5:22 pm

Secure Email Using STARTTLS

Postby raghunabu » Fri Apr 01, 2016 7:58 pm


We are working on secure email feature ( Non-OS SDK v1.5.2 ) for ESP8266 using STARTTLS approach.

As step 1,

To check SSL connection , We tried HTTPS client without any certificates and it works.

Now we tried below scenario

1. Do non-secure tcp connect - Works
2. Send EHLO <mail server> - Works
3. Send STARTTLS - Works
4. -----Now do TLS Negotiation without closing connection - ???
5. Send EHLO
6. ......Other smtp email commands ...

After #3, i.e we receive " S: 220 Ready to start TLS " response

How to do a TLS negotiation using Non-OS SDK without closing the non-secure connection ?

Below is the requirement , what we want to achieve using Espressif Non-OS SDK,
- start by creating a normal TCP socket and connect it to
- send a "ehlo []\r\n" command
- get the answers from the server (Notice: so far everything is in clear)
- send a "STARTTLS\r\n" command
- get the answer (i.e. "220 Ready for TLS")
- at this moment, create your ssl wrapper (method, ctx, etc...) and use "SSL_set_fd" and "SSL_connect" to activate it
- send a new "ehlo []\r\n" command but using the SSL socket

From now on, use "SSL_write" and "SSL_read" with the SSL socket to send your authentication information and email.

Please let us know if you have any pointers here...

Posts: 1637
Joined: Mon Oct 27, 2014 11:08 am

Re: Secure Email Using STARTTLS

Postby ESP_Faye » Tue Apr 05, 2016 11:24 am


Could you use ESP8266_RTOS_SDK?
ESP8266_NONOS_SDK do not support your steps.
Posts: 1
Joined: Sat Oct 29, 2016 3:43 am

Re: Secure Email Using STARTTLS

Postby » Sat Oct 29, 2016 3:48 am


I am also trying to use the NON_OS SDK (rev 2.0) and have the exact same requirement. I need to support StartTLS authentication, which requires not closing the socket between creating the insecure connection and then adding a secure envelope on it and sending and receiving with SSL.

You said the RTOS version was a possibility. How do you turn an existing insecure connection into a secure one?

Also, are there plans to add this functionality to the non-RTOS SDK? I'm worried that the size and performance overhead of the RTOS SDK will be too great for my needs. What is your experience in comparing an application written using each SDK?


Posts: 2
Joined: Mon Feb 26, 2018 8:48 pm

Re: Secure Email Using STARTTLS

Postby zafarpatel7 » Mon Mar 12, 2018 3:24 pm

i am also getting same problem

when i am send AUTH LOGIN the connection was closed

Who is online

Users browsing this forum: No registered users and 1 guest