https_request example fails with updated certificate.
Posted: Wed Jun 22, 2022 1:18 pm
The https_request example that is supplied works with the provided certificate even though it has expired. I retrieved the latest certificate file for https://www.howsmyssl.com/a/check using a browser and replaced the old one.
Now, the first of the 3 requests works but the last two fail with the following errors:
Retrieved Certificate for https://www.howsmyssl.com/a/check:
I get similar behavior when trying to access our AWS servers. The OTA example also fails when I attempt to retrieve the binary from our AWS servers. It works if I spin up a Debian VM and generate a certificate file with openssl as per the instructions.
Now, the first of the 3 requests works but the last two fail with the following errors:
- I (18265) example: https_request using cacert_buf
- E (18925) esp-tls-mbedtls: mbedtls_ssl_handshake returned -0x2700
- I (18925) esp-tls-mbedtls: Failed to verify peer certificate!I (18925) esp-tls-mbedtls: verification info: ! The certificate is not correctly signed by the trusted CA
- E (18935) esp-tls: Failed to open new connection
- E (18945) example: Connection failed...
- ------
- I (29955) example: https_request using global ca_store
- W (30205) wifi:<ba-add>idx:2 (ifx:0, 94:53:30:e2:c1:b0), tid:3, ssn:0, winSize:64
- E (30495) esp-tls-mbedtls: mbedtls_ssl_handshake returned -0x2700
- I (30495) esp-tls-mbedtls: Failed to verify peer certificate!I (30505) esp-tls-mbedtls: verification info: ! The certificate is not correctly signed by the trusted CA
- E (30515) esp-tls: Failed to open new connection
- E (30515) example: Connection failed...
- -----BEGIN CERTIFICATE-----
- MIIEjjCCA3agAwIBAgISA5cSeCYmxRnm7L/MLS+5Sma7MA0GCSqGSIb3DQEBCwUA
- MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
- EwJSMzAeFw0yMjA2MTQwMzAyMTJaFw0yMjA5MTIwMzAyMTFaMBwxGjAYBgNVBAMT
- EXd3dy5ob3dzbXlzc2wuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAELNaZ
- bNkFgjEDFBDeP4hxKlLNg8mPQJyR/U0xhw/ZPDLM8cy1tYt/qr1eV2763fn8PnnL
- /VdZ4hqEF7lncpLgIKOCAn0wggJ5MA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAU
- BggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUlI7e
- Qv+gBHoSQ/rwxWB9HXV+BeYwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsU
- wsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5sZW5j
- ci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wTQYDVR0R
- BEYwRIINaG93c215c3NsLmNvbYINaG93c215dGxzLmNvbYIRd3d3Lmhvd3NteXNz
- bC5jb22CEXd3dy5ob3dzbXl0bHMuY29tMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcG
- CysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5
- cHQub3JnMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHcA36Veq2iCTx9sre64X04+
- WurNohKkal6OOxLAIERcKnMAAAGBYGBKJAAABAMASDBGAiEA3JEiu/PKb1Qg5iZ5
- hrIHSVn/+UZRzJ1+qB6OTTmXp74CIQCID4gOGEmFv+spEFxWDtzVNPiUuskK5VZi
- vDJZi09xKQB1ACl5vvCeOTkh8FZzn2Old+W+V32cYAr4+U1dJlwlXceEAAABgWBg
- ShYAAAQDAEYwRAIgYl2BTtsOfd4rHD2KrdZMm991xyp2bCMffTtslAf+j9gCIBrF
- ywTrHuH3B1UMhHihP6YtCB3g0NrmDg0NgJ9uGKIyMA0GCSqGSIb3DQEBCwUAA4IB
- AQAXmgKqwecl1ac+DwFs3Sr/NHq9FZEbr9f/UOIPUVzELg89RG7EASI7taQr+Xyl
- DvH13FhmRQpOEjmbcqakVzErg9IGY4m518czgIo4w04QsyTNXDCpKtK9MN8tqhn0
- PEMM9ju1zYVVGGNagQehoxN2MuG8JVjb+BF+jFWKqtxtukft/wTNtVj+uqJwvCos
- 6f6dKw6XtnPXXALGb3TZdEfQT+zDwevygjWPCTtlZ5YAi5pmrT1heP4Tfb8vB5Mm
- LgeCBmlPqW/GMVIILI8p5fazH+/g2bviv7+w+TJk75lK72i5MyF7RLZwMSQmxNMH
- R+1M4Mok2p6GhfanJGxUltOc
- -----END CERTIFICATE-----