SPW40SA Certificate Error:23

Rohan Gupta · ‎2018-01-13

Posted on January 13, 2018 at 15:07

Hello Everyone,

Even if I load the DER binary format into my wifi-module SPW40SA , The subject key identifier won't be detected automatically by the module. I have to manually add the key and if I try the simple AT+S.HTTPGET demostrated in AN4963 document for the

http://www.amazon.com

i get Certificate error:23(The CA could not be found) . I even tried with the PEM format also but still the same error exists .

Does anyone have the same problem or any hint on how to resolve this issue ?

#wifi #certificate #spwf40sa #tlscert

Elio Cometti · ‎2018-01-18

Posted on January 18, 2018 at 10:43

Hello Rohan,

Below you can find the log I get with my SPWF04SA module.

Few guesses:

- about the SubjectKeyId is not automatically extracted when loading DER certificate, maybe the certificate was not properly saved/converted. I downloaded the Root CA (VeriSignClass3PublicPrimaryCertificationAuthority-G5 from my location) certificate in PEM format and then I converted it to DER by:

openssl x509 -in VeriSignClass3PublicPrimaryCertificationAuthority-G5.crt -out VeriSignClass3PublicPrimaryCertificationAuthority-G5.der -outform DER

- about Certificate error:23, it may be a direct consequence of previous point, or maybe the certificate is incorrect or the auth field is incorrect.

Following my log:

AT+S.TLSCERT=ca,1239

AT-S.SubjectKeyId:7F:D3:65:A7:C2:DD:EC:BB:F0:30:09:F3:43:39:FA:02:AF:33:31:33

AT-S.OK

AT+S.HTTPGET=www.amazon.com,,443,2,,,,

AT-S.Skip CA

AT-S.Loading:1:2

AT-S.Http Server Status Code:200

78b7

<!doctype html><html class='a-no-js' data-19ax5a9jf='dingo'>

(**** about 300KB of data ****)

<!-- _

.__(.)< (MEOW)

\___)

~~~~~~~~~~~~~~~~~~-->

AT-S.OK