How to test Certifications on ESP32C3 AT
-
- Posts: 17
- Joined: Mon Oct 31, 2022 12:10 pm
How to test Certifications on ESP32C3 AT
Lets say I have a site that requires a certificate, I can import that certificate to the ESP32C3 via ESP FLASH DOWNLOAD TOOL to it's respective memory locations. Is there a function that can check if the certificate is valid?
Re: How to test Certifications on ESP32C3 AT
Hi,ShahinHaque wrote: ↑Fri Jan 06, 2023 12:36 pmLets say I have a site that requires a certificate, I can import that certificate to the ESP32C3 via ESP FLASH DOWNLOAD TOOL to it's respective memory locations. Is there a function that can check if the certificate is valid?
Maybe you can try to create an SSL connection using openssl. First verify that your certificate is valid. If you can use the certificate to create an SSL connection using openssl normally, your certificate should be valid. Therefore, you can refer to this example(https://docs.espressif.com/projects/esp ... entication) and use the AT command to try to create an SSL connection to see if the connection can be created successfully?
-
- Posts: 17
- Joined: Mon Oct 31, 2022 12:10 pm
Re: How to test Certifications on ESP32C3 AT
Code: Select all
openssl s_client -connect website_name.com:443 -CAfile C:\Users\Shahin.Haque\Downloads\Root_CA_B64.cer
..
SSL handshake has read 2745 bytes and written 453 bytes
Verification: OK
..
..
..
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Code: Select all
openssl s_client -connect website_name.com:443
verify error:num=19:self-signed certificate in certificate chain
verify return:1
..
..
..
SSL handshake has read 2745 bytes and written 453 bytes
Verification error: self-signed certificate in certificate chain
..
..
..
Timeout : 7200 (sec)
Verify return code: 19 (self-signed certificate in certificate chain)
..
..
..
Now that I have varied that this works, I no longer need OPENSSL, the rest should be able to be done on the ESP32C3.
Using:
Code: Select all
/* AT CALLBACK */
AT+CIPSTART="SSL","wesbite_name.com",443
Code: Select all
CONNECT
OK
/* ESP CALLBACK */
cert len=1164
set cert&key ok
ssl established
I have tried removing the key aswell as making a fake key to see if it passes, but thankfully that fails
Code: Select all
/* AT CALLBACK */
ERROR
/* ESP CALLBACK */
cert len=0
ssl create 0 socket fail
Commands send to the ESP
Code: Select all
AT+RESTORE
AT+CWMODE=1
AT+CWJAP="wifi_name","wifi_password"
AT+CIPSNTPCFG=1,8,"cn.ntp.org.cn","ntp.sjtu.edu.cn"
AT+CIPSNTPTIME? (to check the date is set)
AT+CIPSSLCCONF=3,0,0 (Have also tried 1,0,0 & 2,0,0 arrangements)
AT+CIPSTART="SSL","wesbite_name.com",443
-
- Posts: 17
- Joined: Mon Oct 31, 2022 12:10 pm
Re: How to test Certifications on ESP32C3 AT
I think I may be onto something, I have the CA file rather than the Cert+Key.
Am I correct in saying I need the CA or (CERT+KEY) but not both?
If so what command would I need to use to change it to CA?
Am I correct in saying I need the CA or (CERT+KEY) but not both?
If so what command would I need to use to change it to CA?
Who is online
Users browsing this forum: No registered users and 41 guests