Unable to make HTTPS POST with client certificate #62
Description
Hello,
I have really strange issue when trying to make HTTP POST with SSL from ESP32 with SIM7600G.
The thing is it works from time to time. Probably 1-2 out of 10 calls are successfull. For the rest the library returns -2 or -3 status code.
I can also add, that using that code without SSL auth works perfectly. Also using WiFiClientSecure works really fine.
Here is my full code:
#include <SSLClient.h>
#include "certs.h"
#include <HardwareSerial.h>
#define GSM_RX 27
#define GSM_TX 14
#define TEENSY_RX 16
#define TEENSY_TX 17
#define MODEM_PWRKEY 25
// Select your modem:
#define TINY_GSM_MODEM_SIM7600
#define TINY_GSM_RX_BUFFER 1024
#include <TinyGsmClient.h>
#include <ArduinoHttpClient.h>
HardwareSerial SerialAT(1); //gsm
HardwareSerial SerialTeensy(2); //teensy
//============================================
#define TINY_GSM_DEBUG SerialMon
#ifdef TINY_GSM_DEBUG
#define SerialMon Serial
#endif
#define TINY_GSM_USE_GPRS true
//============================================
//#define DUMP_AT_COMMANDS
#ifdef DUMP_AT_COMMANDS
#include <StreamDebugger.h>
StreamDebugger debugger(SerialAT, SerialMon);
TinyGsm modem(debugger);
#else
TinyGsm modem(SerialAT);
#endif
//============================================
TinyGsmClient gsm_transpor_layer(modem, 0);
SSLClient secure_presentation_layer(&gsm_transpor_layer);
HttpClient client = HttpClient(secure_presentation_layer, server, 443);
unsigned long prevFinished = 0;
void setup() {
#ifdef TINY_GSM_DEBUG
SerialMon.begin(115200);
delay(10);
#endif
logTextLine("Wait...");
SerialAT.begin(115200, SERIAL_8N1, GSM_RX, GSM_TX);
while (!SerialAT)
;
SerialTeensy.begin(115200, SERIAL_8N1, TEENSY_RX, TEENSY_TX);
while (!SerialTeensy)
;
setupModem();
secure_presentation_layer.setCACert(ca);
secure_presentation_layer.setCertificate(client_crt);
secure_presentation_layer.setPrivateKey(client_key);
}
bool sending = false;
String dataToSend = "";
void loop() {
#ifdef TINY_GSM_DEBUG
String text = ">dataToSend";
#else
String text = SerialTeensy.readStringUntil('<');
#endif
if (!sending && text.startsWith(">") && text.length() > 2 && (millis() - prevFinished > 15000)) {
logText("Received >>");
logText(text);
logTextLine("<<");
if (!modem.init()) {
logTextLine(" fail... restarting modem...");
setupModem();
// Restart takes quite some time
// Use modem.init() if you don't need the complete restart
if (!modem.restart()) {
logTextLine(" fail... even after restart");
return;
}
}
logTextLine(" Modem initialized");
sending = true;
dataToSend = text.substring(1);
logText("Sending: ");
logTextLine(dataToSend);
if (send()) {
logTextLine("Successfully send data");
} else {
logTextLine("Sending data failed");
}
sending = false;
dataToSend = "";
prevFinished = millis();
}
}
bool send() {
if (!waitForNetwork() || !connectToNetwork() || !setupGprs()) {
return false;
}
logTextLine("Performing HTTPS POST request... ");
String jsonData = "{\"data\":\"" + dataToSend + "\"}";
client.beginRequest();
client.post(resource);
client.sendHeader("Content-Type", "application/json");
client.sendHeader("Authorization", "Basic xxx");
client.sendHeader("Content-Length", String(jsonData.length()));
client.beginBody();
client.print(jsonData);
client.endRequest();
int status_code = client.responseStatusCode();
logText("Status code: ");
logTextLine(status_code);
if (status_code <= 0) {
setupModem();
return false;
}
client.stop();
modem.gprsDisconnect();
modem.poweroff();
logTextLine("Server disconnected");
return status_code == 200;
}
void turnModemOn() {
pinMode(MODEM_PWRKEY, OUTPUT);
digitalWrite(MODEM_PWRKEY, LOW);
delay(1000); //Datasheet Ton mintues = 1S
digitalWrite(MODEM_PWRKEY, HIGH);
}
void turnModemOff() {
digitalWrite(MODEM_PWRKEY, LOW);
delay(1500); //Datasheet Ton mintues = 1.2S
digitalWrite(MODEM_PWRKEY, HIGH);
}
void setupModem() {
logTextLine("Restarting modem");
turnModemOff();
delay(1000);
turnModemOn();
delay(5000);
logTextLine("Initializing modem...");
modem.restart();
modem.setNetworkMode(51); //2 auto , 13 - gsm, 38 - lte, 51 - gsm and lte
String modemInfo = modem.getModemInfo();
logText("Modem Info: ");
logTextLine(modemInfo);
logText("Signal strength: ");
logTextLine(modem.getSignalQuality());
}
bool waitForNetwork() {
logText("Waiting for network...");
if (!modem.waitForNetwork()) {
logTextLine(" fail");
return false;
}
logTextLine(" success");
return true;
}
bool connectToNetwork() {
if (modem.isNetworkConnected()) {
logTextLine("Network connected");
return true;
} else {
return false;
}
}
bool setupGprs() {
// GPRS connection parameters are usually set after network registration
logText("Connecting to ");
logTextLine(apn);
modem.sendAT(GF("+CGDCONT=1"));
modem.waitResponse();
modem.sendAT(GF("+CGDCONT=2"));
modem.waitResponse();
modem.sendAT(GF("+CGDCONT=3"));
modem.waitResponse();
logTextLine("PDP reset done");
if (!modem.gprsConnect(apn, gprsUser, gprsPass)) {
logTextLine(" fail");
return false;
}
logTextLine(" success");
if (modem.isGprsConnected()) {
logTextLine("GPRS connected");
return true;
}
return false;
}
void logTextLine(String line) {
#ifdef TINY_GSM_DEBUG
SerialMon.println(line);
#endif
}
void logTextLine(int line) {
#ifdef TINY_GSM_DEBUG
SerialMon.println(line);
#endif
}
void logText(String line) {
#ifdef TINY_GSM_DEBUG
SerialMon.print(line);
#endif
}
void logText(int line) {
#ifdef TINY_GSM_DEBUG
SerialMon.print(line);
#endif
}
Ane the result:
Waiting for network... success
Network connected
Connecting to darmowy
PDP reset done
success
GPRS connected
Performing HTTPS POST request...
[536307][V][SSLClient.cpp:161] connect(): connect with CA
[536307][V][SSLClient.cpp:219] connect(): Connecting to *************
[536312][V][SSLClient.cpp:220] connect(): Timeout value: 0
[536594][V][ssl_client.cpp:405] seed_random_number_generator(): Entropy context initialized
[536600][V][ssl_client.cpp:308] start_ssl_client(): Random number generator seeded, ret: 0
[536608][V][ssl_client.cpp:425] set_up_tls_defaults(): Setting up the SSL/TLS defaults...
[536616][V][ssl_client.cpp:313] start_ssl_client(): SSL config defaults set, ret: 0
[536623][V][ssl_client.cpp:461] auth_root_ca_buff(): Loading CA cert
[536633][V][ssl_client.cpp:318] start_ssl_client(): SSL auth mode set, ret: 0
[536636][V][ssl_client.cpp:546] auth_client_cert_key(): Loading CRT cert
[536646][V][ssl_client.cpp:555] auth_client_cert_key(): Loading private key
[536654][V][ssl_client.cpp:323] start_ssl_client(): SSL client cert and key set, ret: 0
[536657][V][ssl_client.cpp:601] set_hostname_for_tls(): Setting hostname for TLS session...
[536665][V][ssl_client.cpp:328] start_ssl_client(): SSL hostname set, ret: 0
[536672][V][ssl_client.cpp:653] set_io_callbacks_and_timeout(): Setting up IO callbacks...
[536680][V][ssl_client.cpp:656] set_io_callbacks_and_timeout(): Setting timeout to 0
[536687][V][ssl_client.cpp:333] start_ssl_client(): SSL IO callbacks and timeout set, ret: 0
[536695][V][ssl_client.cpp:699] perform_ssl_handshake(): Performing the SSL/TLS handshake, timeout 120000 ms
[536705][D][ssl_client.cpp:701] perform_ssl_handshake(): calling mbedtls_ssl_handshake with ssl_ctx address 0x3ffba7d8
[536790][V][ssl_client.cpp:194] client_net_send(): SSL client TX res=310 len=310
[536791][V][ssl_client.cpp:118] client_net_recv_timeout(): Timeout set to 0
[536804][V][ssl_client.cpp:118] client_net_recv_timeout(): Timeout set to 0
[536814][V][ssl_client.cpp:118] client_net_recv_timeout(): Timeout set to 0
[536824][V][ssl_client.cpp:118] client_net_recv_timeout(): Timeout set to 0
[536834][V][ssl_client.cpp:118] client_net_recv_timeout(): Timeout set to 0
[536844][V][ssl_client.cpp:118] client_net_recv_timeout(): Timeout set to 0
[536975][V][ssl_client.cpp:135] client_net_recv_timeout(): SSL client RX (received=5 expected=5 in 131ms)
[536975][V][ssl_client.cpp:118] client_net_recv_timeout(): Timeout set to 0
[536979][V][ssl_client.cpp:135] client_net_recv_timeout(): SSL client RX (received=67 expected=67 in 0ms)
[536989][V][ssl_client.cpp:118] client_net_recv_timeout(): Timeout set to 0
[536995][V][ssl_client.cpp:135] client_net_recv_timeout(): SSL client RX (received=5 expected=5 in 0ms)
[537005][V][ssl_client.cpp:118] client_net_recv_timeout(): Timeout set to 0
[537202][V][ssl_client.cpp:135] client_net_recv_timeout(): SSL client RX (received=2321 expected=2321 in 191ms)
[537642][V][ssl_client.cpp:118] client_net_recv_timeout(): Timeout set to 0
[537642][V][ssl_client.cpp:135] client_net_recv_timeout(): SSL client RX (received=5 expected=5 in 0ms)
[537647][V][ssl_client.cpp:118] client_net_recv_timeout(): Timeout set to 0
[537654][V][ssl_client.cpp:135] client_net_recv_timeout(): SSL client RX (received=115 expected=115 in 0ms)
[538101][V][ssl_client.cpp:118] client_net_recv_timeout(): Timeout set to 0
[538101][V][ssl_client.cpp:135] client_net_recv_timeout(): SSL client RX (received=5 expected=5 in 0ms)
[538106][V][ssl_client.cpp:118] client_net_recv_timeout(): Timeout set to 0
[538112][V][ssl_client.cpp:135] client_net_recv_timeout(): SSL client RX (received=374 expected=374 in 0ms)
[538122][V][ssl_client.cpp:118] client_net_recv_timeout(): Timeout set to 0
[538128][V][ssl_client.cpp:135] client_net_recv_timeout(): SSL client RX (received=5 expected=5 in 0ms)
[538138][V][ssl_client.cpp:118] client_net_recv_timeout(): Timeout set to 0
[538144][V][ssl_client.cpp:135] client_net_recv_timeout(): SSL client RX (received=4 expected=4 in 0ms)
[538306][V][ssl_client.cpp:194] client_net_send(): SSL client TX res=1064 len=1064
[538797][V][ssl_client.cpp:194] client_net_send(): SSL client TX res=42 len=42
[539343][V][ssl_client.cpp:194] client_net_send(): SSL client TX res=269 len=269
[539363][V][ssl_client.cpp:194] client_net_send(): SSL client TX res=6 len=6
[539387][V][ssl_client.cpp:194] client_net_send(): SSL client TX res=45 len=45
[539387][V][ssl_client.cpp:118] client_net_recv_timeout(): Timeout set to 0
[539400][V][ssl_client.cpp:118] client_net_recv_timeout(): Timeout set to 0
[539410][V][ssl_client.cpp:118] client_net_recv_timeout(): Timeout set to 0
[539420][V][ssl_client.cpp:118] client_net_recv_timeout(): Timeout set to 0
[539430][V][ssl_client.cpp:118] client_net_recv_timeout(): Timeout set to 0
[539560][V][ssl_client.cpp:135] client_net_recv_timeout(): SSL client RX (received=5 expected=5 in 130ms)
[539560][V][ssl_client.cpp:118] client_net_recv_timeout(): Timeout set to 0
[539603][V][ssl_client.cpp:135] client_net_recv_timeout(): SSL client RX (received=1258 expected=1258 in 38ms)
[539604][V][ssl_client.cpp:118] client_net_recv_timeout(): Timeout set to 0
[539609][V][ssl_client.cpp:135] client_net_recv_timeout(): SSL client RX (received=5 expected=5 in 0ms)
[539618][V][ssl_client.cpp:118] client_net_recv_timeout(): Timeout set to 0
[539625][V][ssl_client.cpp:135] client_net_recv_timeout(): SSL client RX (received=1 expected=1 in 0ms)
[539634][V][ssl_client.cpp:118] client_net_recv_timeout(): Timeout set to 0
[539640][V][ssl_client.cpp:135] client_net_recv_timeout(): SSL client RX (received=5 expected=5 in 0ms)
[539649][V][ssl_client.cpp:118] client_net_recv_timeout(): Timeout set to 0
[539656][V][ssl_client.cpp:135] client_net_recv_timeout(): SSL client RX (received=40 expected=40 in 0ms)
[539666][V][ssl_client.cpp:722] perform_ssl_handshake(): Protocol is TLSv1.2 Ciphersuite is TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
[539677][E][ssl_client.cpp:728] perform_ssl_handshake(): mbedtls_ssl_get_record_expansion returned -0xffffffe3
[539687][D][ssl_client.cpp:791] stop_ssl_socket(): Cleaning SSL connection.
[539693][D][ssl_client.cpp:795] stop_ssl_socket(): Stopping SSL client. Current client pointer address: 0x3ffc2468
[539713][D][ssl_client.cpp:800] stop_ssl_socket(): Freeing CA cert. Current ca_cert address: 0x3ffbada8
[539713][D][ssl_client.cpp:808] stop_ssl_socket(): Freeing client cert and client key. Current client_cert address: 0x3ffbaf00, client_key address: 0x3ffbb058
[539726][D][ssl_client.cpp:816] stop_ssl_socket(): Freeing SSL context. Current ssl_ctx address: 0x3ffba7d8
[539736][D][ssl_client.cpp:819] stop_ssl_socket(): Freeing SSL config. Current ssl_conf address: 0x3ffba9f8
[539745][D][ssl_client.cpp:822] stop_ssl_socket(): Freeing DRBG context. Current drbg_ctx address: 0x3ffbaae0
[539755][D][ssl_client.cpp:825] stop_ssl_socket(): Freeing entropy context. Current entropy_ctx address: 0x3ffbab30
[539765][D][ssl_client.cpp:828] stop_ssl_socket(): Finished cleaning SSL connection.
[539773][D][ssl_client.cpp:249] cleanup(): Free internal heap after TLS 326884
[539780][E][ssl_client.cpp:45] _handle_error(): [start_ssl_client():353]: (29) UNKNOWN ERROR CODE (001D)
[539789][V][SSLClient.cpp:232] connect(): Return value from start_ssl_client: 0
[539796][E][SSLClient.cpp:235] connect(): start_ssl_client failed: 0
[539802][D][SSLClient.cpp:90] stop(): Stopping ssl client
[539807][D][ssl_client.cpp:791] stop_ssl_socket(): Cleaning SSL connection.
[539814][D][ssl_client.cpp:795] stop_ssl_socket(): Stopping SSL client. Current client pointer address: 0x3ffc2468
[539885][D][ssl_client.cpp:816] stop_ssl_socket(): Freeing SSL context. Current ssl_ctx address: 0x3ffba7d8
[539885][D][ssl_client.cpp:819] stop_ssl_socket(): Freeing SSL config. Current ssl_conf address: 0x3ffba9f8
[539893][D][ssl_client.cpp:822] stop_ssl_socket(): Freeing DRBG context. Current drbg_ctx address: 0x3ffbaae0
[539903][D][ssl_client.cpp:825] stop_ssl_socket(): Freeing entropy context. Current entropy_ctx address: 0x3ffbab30
[539913][D][ssl_client.cpp:828] stop_ssl_socket(): Finished cleaning SSL connection.
[539920][W][SSLClient.cpp:369] write(): SSLClient is not connected.
[539926][W][SSLClient.cpp:369] write(): SSLClient is not connected.
[539932][W][SSLClient.cpp:369] write(): SSLClient is not connected.
[539938][W][SSLClient.cpp:369] write(): SSLClient is not connected.
[539944][W][SSLClient.cpp:369] write(): SSLClient is not connected.
[539950][W][SSLClient.cpp:369] write(): SSLClient is not connected.
[539956][W][SSLClient.cpp:369] write(): SSLClient is not connected.
[539962][W][SSLClient.cpp:369] write(): SSLClient is not connected.
[539968][W][SSLClient.cpp:369] write(): SSLClient is not connected.
[539974][W][SSLClient.cpp:369] write(): SSLClient is not connected.
[539980][W][SSLClient.cpp:369] write(): SSLClient is not connected.
[539986][W][SSLClient.cpp:369] write(): SSLClient is not connected.
[539992][W][SSLClient.cpp:369] write(): SSLClient is not connected.
[539998][W][SSLClient.cpp:369] write(): SSLClient is not connected.
Status code: -3
Metadata
Metadata
Assignees
Labels
No labels