2017-08-31 03:55 AM
I have spent a couple of weeks trying to make a TLS connection and it has been practically impossible. I am using the SDK for SPWF04A (STM32CubeExpansion_WIFI1_V3.0.2) on a NUCLEO-F401RE, and compiling the code in IAR. I followed all the steps explained in documents AN4963 and UM2114. I have tried to obtain the root certificates (CA) of the sites that I have decided to test, and the respective Subject Key Identifier of each certificate. I have placed the CA certificates in the code as text strings in PEM format, exported from Google Chrome, and I proceeded to do the tests in two modalities, either using sockets or using the HTTP client.
The issue is that if I establish a socket or HTTP connection to port 80 without using encryption to the selected test sites (Googleapis, Restipsum, etc.), the connection is satisfactory and I get the expected data. On the other hand, if I try to establish the connection in TLS using port 443 for each of these sites, using its respective certificate and Subject Key Identifier, the connection generates an error. Usually the errors are: X509 Error 23 (maps.googleapis.com) or X509 Error 19 (restipsum.com).
Here are two examples of console output from the NUCLEO-F401RE, in this case looking for a connection to 'googleapis.com' and 'restipsum.com'. They are the standard messages of the example 'Client_Socket' plus some additions that I have added into the code to make it more informative. The presentation of the Certificate and Subject Key is for verification purposes.
I would like to know what possible error I am committing, or if it is a problem in the firmware of the module.
Example output: googleapis.com
--------------------------------
>>model number is SPWF04SA
>>Setting CA certificate
>>UART TX buffer: AT+S.TLSCERT=content,2
+S.TLSCERT=content,2
-S.Clean
-S.OK
<<OK
>>UART TX buffer: AT+S.TIME=1504170338
+S.TIME=1504170338
-S.OK
<<OK
>>UART TX buffer: AT+S.TIME
+S.TIME
-S.Date:17.08.31:00
-S.Time:09.05.38
-S.OK
<<OK
>>UART TX buffer: AT+S.TLSCERT=Ca,1235
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
+S.TLSCERT=Ca,1235
-S.No SubjectKeyId
-S.OK
<<OK
>>UART TX buffer: AT+S.TLSCERT=Auth,40
c07a98688d89fbab05640c117daa7d65b8cacc4e
+S.TLSCERT=Auth,40
-S.OK
<<OK
>>UART TX buffer: AT+S.TLSCERT=content,1
+S.TLSCERT=content,1
-S.List
-S.CA:1
-S.Cert:0
-S.Key:0
-S.Id:1
-S.OK
<<OK
>>TLS set certificate OK
>>UART TX buffer: AT+S.SOCKON=maps.googleapis.com,443,NULL,s
+S.SOCKON=maps.googleapis.com,443,NULL,s
-S.Skip CA
-S.Skip CA
-S.Skip CA
-S.Certificate Error:23
-S.ERROR:74:Failed to open socket
>>ERROR!Status = 13
>>Socket connection error

Example output: restipsum.com
--------------------------------
>>model number is SPWF04SA
>>Setting CA certificate
>>UART TX buffer: AT+S.TLSCERT=content,2
+S.TLSCERT=content,2
-S.Clean
-S.OK
<<OK
>>UART TX buffer: AT+S.TIME=1504170338
+S.TIME=1504170338
-S.OK
<<OK
>>UART TX buffer: AT+S.TIME
+S.TIME
-S.Date:17.08.31:00
-S.Time:09.05.38
-S.OK
<<OK
>>UART TX buffer: AT+S.TLSCERT=Ca,1219
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
+S.TLSCERT=Ca,1219
-S.No SubjectKeyId
-S.OK
<<OK
>>UART TX buffer: AT+S.TLSCERT=Auth,40
c4a7b1a47b2c71fadbe14b9075ffc41560858910
+S.TLSCERT=Auth,40
-S.OK
<<OK
>>UART TX buffer: AT+S.TLSCERT=content,1
+S.TLSCERT=content,1
-S.List
-S.CA:1
-S.Cert:0
-S.Key:0
-S.Id:1
-S.OK
<<OK
>>TLS set certificate OK
>>UART TX buffer: AT+S.SOCKON=restipsum.com,443,NULL,s
+S.SOCKON=restipsum.com,443,NULL,s
-S.Skip CA
-S.Skip CA
-S.Certificate Error:19
-S.ERROR:74:Failed to open socket
ERROR!Status = 13
>>Socket connection error

#spwf04sa #socket #certificate #tls #encryption