Issue with SSL certificate

Post by ShahinHaque » Thu Jan 05, 2023 10:54 am

Hello,

I am trying to access a website that requires an SSL certificate but my ESP AT command call-back is an error.

The SSL extension is .cer

Using (https://docs.espressif.com/projects/esp ... files.html)
I have converted this into the binary format

python AtPKI.py generate_bin -b ./ESP_CERT_FILE.bin cert SSL_CERT_FILE.cer

python AtPKI.py generate_bin -b ./ESP_CA_FILE.bin ca SSL_CERT_FILE.cer

Files have been generated successfully.

I have then uploaded the file to the ESP using the ESP32C3 FLASH DOWNLOAD TOOL V3.9.3 using the latest ESP32-C3-MINI-1_AT_Bin_V2.4.2.0 but replacing the client_ca file.

locations found in the download.config:

--flash_mode dio --flash_freq 40m --flash_size 4MB
0x8000 partition_table/partition-table.bin
0xd000 ota_data_initial.bin
0xf000 phy_multiple_init_data.bin
0x0 bootloader/bootloader.bin
0x60000 esp-at.bin
0x1e000 at_customize.bin
0x25000 customized_partitions/server_cert.bin
0x3a000 customized_partitions/mqtt_key.bin
0x27000 customized_partitions/server_key.bin
0x29000 customized_partitions/server_ca.bin
0x2f000 customized_partitions/client_ca.bin
0x31000 customized_partitions/factory_param.bin
0x1F000 customized_partitions/ble_data.bin
0x3c000 customized_partitions/mqtt_ca.bin
0x38000 customized_partitions/mqtt_cert.bin
0x2b000 customized_partitions/client_cert.bin
0x2d000 customized_partitions/client_key.bin

The response I get is:

+HTTPCLIENT:35,Date: Thu, 05 Jan 2023 10:42:23 GMT
<LF>+HTTPCLIENT:30,Content-Type: application/json
<LF>+HTTPCLIENT:17,Content-Length: 0
<LF>+HTTPCLIENT:22,Connection: keep-alive
<LF>+HTTPCLIENT:54,x-amzn-RequestId: bb2ea242-4235-460e-a1dd-f1be8f4a050e
<LF>+HTTPCLIENT:53,x-amzn-ErrorType: MissingAuthenticationTokenException
<LF>+HTTPCLIENT:32,x-amz-apigw-id: eQ9ufEGarPEFRwA=
<LF>
<LF>ERROR

The message on the site currently is {"message": "MissingAuthentication Token"} but what I am trying to do is remove the ERROR callback.

I have tried converting the certification into the client_cert file with corresponding address and have flashed that to the device, same issue.


Any help?
Last edited by ShahinHaque on Tue Jan 10, 2023 10:40 am, edited 1 time in total.

Re: Issue with SSL certificate

Post by ESP_Sun » Fri Jan 06, 2023 3:10 am

ShahinHaque wrote:
Thu Jan 05, 2023 10:54 am
Hello,

I am trying to access a website that requires an SSL certificate but my ESP AT command call-back is an error.

The SSL extension is .cer

Using (https://docs.espressif.com/projects/esp ... files.html)
I have converted this into the binary format

python AtPKI.py generate_bin -b ./ESP_CERT_FILE.bin cert SSL_CERT_FILE.cer

python AtPKI.py generate_bin -b ./ESP_CA_FILE.bin ca SSL_CERT_FILE.cer

Files have been generated successfully.

I have then uploaded the file to the ESP using the ESP32C3 FLASH DOWNLOAD TOOL V3.9.3 using the latest ESP32-C3-MINI-1_AT_Bin_V2.4.2.0 but replacing the client_ca file.

locations found in the download.config:

--flash_mode dio --flash_freq 40m --flash_size 4MB
0x8000 partition_table/partition-table.bin
0xd000 ota_data_initial.bin
0xf000 phy_multiple_init_data.bin
0x0 bootloader/bootloader.bin
0x60000 esp-at.bin
0x1e000 at_customize.bin
0x25000 customized_partitions/server_cert.bin
0x3a000 customized_partitions/mqtt_key.bin
0x27000 customized_partitions/server_key.bin
0x29000 customized_partitions/server_ca.bin
0x2f000 customized_partitions/client_ca.bin
0x31000 customized_partitions/factory_param.bin
0x1F000 customized_partitions/ble_data.bin
0x3c000 customized_partitions/mqtt_ca.bin
0x38000 customized_partitions/mqtt_cert.bin
0x2b000 customized_partitions/client_cert.bin
0x2d000 customized_partitions/client_key.bin

The response I get is:

+HTTPCLIENT:35,Date: Thu, 05 Jan 2023 10:42:23 GMT
<LF>+HTTPCLIENT:30,Content-Type: application/json
<LF>+HTTPCLIENT:17,Content-Length: 0
<LF>+HTTPCLIENT:22,Connection: keep-alive
<LF>+HTTPCLIENT:54,x-amzn-RequestId: bb2ea242-4235-460e-a1dd-f1be8f4a050e
<LF>+HTTPCLIENT:53,x-amzn-ErrorType: MissingAuthenticationTokenException
<LF>+HTTPCLIENT:32,x-amz-apigw-id: eQ9ufEGarPEFRwA=
<LF>
<LF>ERROR

The message on the site currently is {"message": "MissingAuthentication Token"} but what I am trying to do is remove the ERROR callback.

I have tried converting the certification into the client_cert file with corresponding address and have flashed that to the device, same issue.


Any help?
Hi,

The SSL connection method corresponding to the HTTP_TRANSPORT_OVER_SSL parameters in the figure below does not verify the certificate. If the SSL website you want to connect to requires one-way or two-way authentication, you may need to customize the AT command to complete this function.

Please refer to the documentation for how to customize AT commands: https://docs.espressif.com/projects/esp ... mands.html

Maybe you can learn about the AT+CIPSTART command to create a two-way authenticated SSL connection, and then send a delete request through the AT+CIPSEND command. Of course, this is just a guess, and I hope it can help you.
ESP32 as an SSL client to create a single connection with mutual authentication: https://docs.espressif.com/projects/esp ... entication
Attachment: 企业微信截图_16729737848116.png (55.78 KiB)
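
The route suggested in the reply above (AT+CIPSSLCCONF, then AT+CIPSTART over SSL, then AT+CIPSEND), written out as an added example that is not code from the thread or from Espressif. The host, path and NTP server are assumed placeholders, and `send` is a hypothetical callable standing in for the serial link to the module.

```python
# Added example: AT command plan for a certificate-verified TLS request.
# HOST, PATH and the NTP server are assumed placeholder values.
HOST, PORT, PATH = "api.example.com", 443, "/items/42"

# AT+CIPSSLCCONF authentication modes as documented for ESP-AT.
AUTH_MODES = {0: "no verification", 1: "client certificate only",
              2: "verify server with CA", 3: "mutual authentication"}


def build_request(method, host, path):
    """Raw HTTP/1.1 request; AT+CIPSEND must be given its exact byte length."""
    head = [f"{method} {path} HTTP/1.1", f"Host: {host}", "Connection: close"]
    return ("\r\n".join(head) + "\r\n\r\n").encode("ascii")


def command_plan(host, port, request, auth_mode=3, pki=0, ca=0):
    """Commands that open an SSL link whose server certificate is checked."""
    if auth_mode not in (2, 3):
        raise ValueError(f"mode {auth_mode} ({AUTH_MODES.get(auth_mode)}) "
                         "does not verify the server certificate")
    return [
        'AT+CIPSNTPCFG=1,0,"pool.ntp.org"',        # validity dates need a clock
        f"AT+CIPSSLCCONF={auth_mode},{pki},{ca}",  # pki/ca: flashed set index
        f'AT+CIPSTART="SSL","{host}",{port}',
        f"AT+CIPSEND={len(request)}",              # module answers with ">"
    ]


def run(plan, request, send):
    """Drive the plan through send(data) -> reply; stop at the first failure."""
    for cmd in plan:
        reply = send(cmd.encode("ascii") + b"\r\n")
        ok = b">" in reply if cmd.startswith("AT+CIPSEND") else b"OK" in reply
        if not ok or b"ERROR" in reply:
            return False, cmd
    reply = send(request)                          # payload goes after the prompt
    return (b"SEND OK" in reply, "payload")


if __name__ == "__main__":
    req = build_request("DELETE", HOST, PATH)
    for line in command_plan(HOST, PORT, req):
        print(line)
    print(req.decode("ascii"), end="")
```

Refusing modes 0 and 1 in `command_plan` keeps a script from silently falling back to a link where the server certificate is never checked, which is the behaviour the reply attributes to HTTP_TRANSPORT_OVER_SSL.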
