Snip.websocket_client worked without TLS but doens't work with TLS

Tip / Sign in to post questions, reply, level up, and achieve exciting badges. Know more

cross mob
Anonymous
Not applicable

When I use Snip.websocket_client without modification  (SDK 5.0), I have :

Connecting to server...

Trying to connect<\r><\n>

Not a valid IP address?? Trying hostname lookup...<\r><\n>

Error number received = 1<\r><\r><\n>

[websocket_tls_connect] Error[5035] connecting @websocket: 0x200014bc<\r><\n>

Error number received = 1<\r>

When I deseable TLS (comment the line #define USE_WEBSOCKET_SECURE_CLIENT), It work perfectly.

Have you some idea

B.R.

Ludo

1 Solution
Anonymous
Not applicable

Use below certificate string in websocket_client.c instead of the old ones. Check if it works.

    "-----BEGIN CERTIFICATE-----\n"                                      \

    "MIIEfTCCA2WgAwIBAgIDG+cVMA0GCSqGSIb3DQEBCwUAMGMxCzAJBgNVBAYTAlVT\n" \

    "MSEwHwYDVQQKExhUaGUgR28gRGFkZHkgR3JvdXAsIEluYy4xMTAvBgNVBAsTKEdv\n" \

    "IERhZGR5IENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQwMTAx\n" \

    "MDcwMDAwWhcNMzEwNTMwMDcwMDAwWjCBgzELMAkGA1UEBhMCVVMxEDAOBgNVBAgT\n" \

    "B0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoTEUdvRGFkZHku\n" \

    "Y29tLCBJbmMuMTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRpZmljYXRlIEF1\n" \

    "dGhvcml0eSAtIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3Fi\n" \

    "CPH6WTT3G8kYo/eASVjpIoMTpsUgQwE7hPHmhUmfJ+r2hBtOoLTbcJjHMgGxBT4H\n" \

    "Tu70+k8vWTAi56sZVmvigAf88xZ1gDlRe+X5NbZ0TqmNghPktj+pA4P6or6KFWp/\n" \

    "3gvDthkUBcrqw6gElDtGfDIN8wBmIsiNaW02jBEYt9OyHGC0OPoCjM7T3UYH3go+\n" \

    "6118yHz7sCtTpJJiaVElBWEaRIGMLKlDliPfrDqBmg4pxRyp6V0etp6eMAo5zvGI\n" \

    "gPtLXcwy7IViQyU0AlYnAZG0O3AqP26x6JyIAX2f1PnbU21gnb8s51iruF9G/M7E\n" \

    "GwM8CetJMVxpRrPgRwIDAQABo4IBFzCCARMwDwYDVR0TAQH/BAUwAwEB/zAOBgNV\n" \

    "HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFDqahQcQZyi27/a9BUFuIMGU2g/eMB8GA1Ud\n" \

    "IwQYMBaAFNLEsNKR1EwRcbNhyz2h/t2oatTjMDQGCCsGAQUFBwEBBCgwJjAkBggr\n" \

    "BgEFBQcwAYYYaHR0cDovL29jc3AuZ29kYWRkeS5jb20vMDIGA1UdHwQrMCkwJ6Al\n" \

    "oCOGIWh0dHA6Ly9jcmwuZ29kYWRkeS5jb20vZ2Ryb290LmNybDBGBgNVHSAEPzA9\n" \

    "MDsGBFUdIAAwMzAxBggrBgEFBQcCARYlaHR0cHM6Ly9jZXJ0cy5nb2RhZGR5LmNv\n" \

    "bS9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAWQtTvZKGEacke+1bMc8d\n" \

    "H2xwxbhuvk679r6XUOEwf7ooXGKUwuN+M/f7QnaF25UcjCJYdQkMiGVnOQoWCcWg\n" \

    "OJekxSOTP7QYpgEGRJHjp2kntFolfzq3Ms3dhP8qOCkzpN1nsoX+oYggHFCJyNwq\n" \

    "9kIDN0zmiN/VryTyscPfzLXs4Jlet0lUIDyUGAzHHFIYSaRt4bNYC8nY7NmuHDKO\n" \

    "KHAN4v6mF56ED71XcLNa6R+ghlO773z/aQvgSMO3kwvIClTErF0UZzdsyqUvMQg3\n" \

    "qm5vjLyb4lddJIGvl5echK1srDdMZvNhkREg5L4wn3qkKQmw4TRfZHcYQFHfjDCm\n" \

    "rw==\n"                                                             \

    "-----END CERTIFICATE-----\n"                                        \

View solution in original post

10 Replies
DaBa_2244756
Level 5
Level 5
25 likes received 10 likes received 10 likes given

Hi.

How much you sent / receive?

Possible this problem was reported at previous week...

If receive small packet < 1400 then tls working.

BR.

Darius

0 Likes
Anonymous
Not applicable

Hi Darius,

The problem doesn't depend of data size, it's only during the connexion.

at this time, I haven't sent anything

B.R.

Ludo

0 Likes

Do you could establish SSL connect to your server with WICED https_client ?

Anonymous
Not applicable

Hi

When I use the https exemple, I have

waiting for HTTP reply<\r><\n>

[I - APP     ] Server returned<\r><\n>

HTTP/1.1 302 Found<\r><\r><\n>

Cache-Control: private<\r><\r><\n>

Content-Type: text/html; charset=UTF-8<\r><\r><\n>

Referrer-Policy: no-referrer<\r><\r><\n>

Location: https://www.google.fr/?gfe_rd=cr&ei=Y7uKWcmtB6_c8AeBk4GIDg<\r><\r><\n>

Content-Length: 259<\r><\r><\n>

Date: Wed, 09 Aug 2017 07:36:03 GMT<\r><\r><\n>

Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,36,35"<\r><\r><\n>

Connection: close<\r><\r><\n>

<\r><\r><\n>

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8"><\r><\n>

<TITLE>302 Moved</TITLE></HEAD><BODY><\r><\n>

<H1>302 Moved</H1><\r>

It seem be good with this exemple.

0 Likes
JoYi_1844281
Level 6
Level 6
100 sign-ins 100 replies posted 50 likes received

You should modified the code to connect your web socket server

First to verified the SSL established is ok or not ?

As you mention the web socket could success exchange without TLS!

If the https client example could not establish connection to your web socket server!

The problem is TLS , not web socket !

0 Likes
Anonymous
Not applicable

Are you trying the default websocket_client application?

If so, TLS connection to echo.websocket.org may fail because of wrong/old root certificate.


Try with the latest root-certificate published by echo.websocket.org and it should work.

0 Likes
Anonymous
Not applicable

Hi,

I have download the certificate :

-----BEGIN CERTIFICATE-----

MIIFMzCCBBugAwIBAgIJALi5P+HXydkzMA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD

VQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEa

MBgGA1UEChMRR29EYWRkeS5jb20sIEluYy4xLTArBgNVBAsTJGh0dHA6Ly9jZXJ0

cy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5LzEzMDEGA1UEAxMqR28gRGFkZHkgU2Vj

dXJlIENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTE2MTAyMTE5NTEzOFoX

DTE4MTAyODIyMDYyNFowPTEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRh

dGVkMRgwFgYDVQQDDA8qLndlYnNvY2tldC5vcmcwggEiMA0GCSqGSIb3DQEBAQUA

A4IBDwAwggEKAoIBAQCKpxb1X3TauRLMpKksIvVgqReYgXsNIEpOod9AX5Ep1YwC

/2JygpFb0efSSXHBzjdt3ztb7dmimtxa6xwa2HLQG+ZPwnMHq8I35H19xG+rB7mN

n7tdkvh+UkFrFxV98R+i+CWi4r74KNSfH8A+AuO2q73X9aEP+H+dO/ESwuUsMxet

1o4rv3XKIotQIBsHQBIf2B2X0CEpKRm2zl5d+c1II8T+mODMDfR5YDVZFf2Uw0Wb

8fWeNx8EDjL+oLAm4FttmSSRaesA+hJy9gqapfQNw0EJdYxNLN4ciJt6Y6frfEvc

Omk6v/2HtGRZnQLwl3DoO8LUtGOI5f2Jge1s7W0TAgMBAAGjggG8MIIBuDAMBgNV

HRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAOBgNVHQ8B

Af8EBAMCBaAwNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovL2NybC5nb2RhZGR5LmNv

bS9nZGlnMnMxLTMyOC5jcmwwXQYDVR0gBFYwVDBIBgtghkgBhv1tAQcXATA5MDcG

CCsGAQUFBwIBFitodHRwOi8vY2VydGlmaWNhdGVzLmdvZGFkZHkuY29tL3JlcG9z

aXRvcnkvMAgGBmeBDAECATB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUHMAGGGGh0

dHA6Ly9vY3NwLmdvZGFkZHkuY29tLzBABggrBgEFBQcwAoY0aHR0cDovL2NlcnRp

ZmljYXRlcy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5L2dkaWcyLmNydDAfBgNVHSME

GDAWgBRAwr0njsw0gzCiM9f7bLPwtCyAzjApBgNVHREEIjAggg8qLndlYnNvY2tl

dC5vcmeCDXdlYnNvY2tldC5vcmcwHQYDVR0OBBYEFCWuAteazQ94tz4oQtVeP+PW

6x/YMA0GCSqGSIb3DQEBCwUAA4IBAQBCLpzNXEjm0DGuas0WAC5kYoMLlLb762Yo

OQrUysEA6rO+GwfT0hoXcENlDdFl7RTGzPKTdfqX2odvDq2i4jVBhctfvxTZrhKk

RFA5YLWa21zT0IcC9EC7XXZMguQZej97gyTpTIIqbv+l5IwyJBMgGk2XuOW18LLF

YPFiShwGdqOeRV7SLftuOuzd10JX9DVklm8Og2q4QDJMl3RVEoTmyx5rTHPWiosv

uPmFrE+YpdVWGCKE/fAaQIsX83sdwNZgJhXTRtPRDJOQkmrQfCU1p/46PLi668bF

3YjlOSkYHqn6T5LkknHhU2vAWvDdrovMqH+lpPsB0nchIHoLgDnL

-----END CERTIFICATE-----

Can you confirm that is the good one ?

With this one, I have the same probleme.

If TLS is enable : failed

Error number received = 1<\r><\r><\n>

[websocket_tls_connect] Error[5035] connecting @websocket: 0x200014bc<\r><\n>

[I - APP     ] <\r><\r><\n>

Error number received = 1

without TLS it works perfectly

Ludo

0 Likes
Anonymous
Not applicable

The certificate which I've is different from what you posted here. Can you confirm that you're using the root CA certificate from GoDaddy as required by echo.websocket.org ?

Anonymous
Not applicable

Use below certificate string in websocket_client.c instead of the old ones. Check if it works.

    "-----BEGIN CERTIFICATE-----\n"                                      \

    "MIIEfTCCA2WgAwIBAgIDG+cVMA0GCSqGSIb3DQEBCwUAMGMxCzAJBgNVBAYTAlVT\n" \

    "MSEwHwYDVQQKExhUaGUgR28gRGFkZHkgR3JvdXAsIEluYy4xMTAvBgNVBAsTKEdv\n" \

    "IERhZGR5IENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQwMTAx\n" \

    "MDcwMDAwWhcNMzEwNTMwMDcwMDAwWjCBgzELMAkGA1UEBhMCVVMxEDAOBgNVBAgT\n" \

    "B0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoTEUdvRGFkZHku\n" \

    "Y29tLCBJbmMuMTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRpZmljYXRlIEF1\n" \

    "dGhvcml0eSAtIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3Fi\n" \

    "CPH6WTT3G8kYo/eASVjpIoMTpsUgQwE7hPHmhUmfJ+r2hBtOoLTbcJjHMgGxBT4H\n" \

    "Tu70+k8vWTAi56sZVmvigAf88xZ1gDlRe+X5NbZ0TqmNghPktj+pA4P6or6KFWp/\n" \

    "3gvDthkUBcrqw6gElDtGfDIN8wBmIsiNaW02jBEYt9OyHGC0OPoCjM7T3UYH3go+\n" \

    "6118yHz7sCtTpJJiaVElBWEaRIGMLKlDliPfrDqBmg4pxRyp6V0etp6eMAo5zvGI\n" \

    "gPtLXcwy7IViQyU0AlYnAZG0O3AqP26x6JyIAX2f1PnbU21gnb8s51iruF9G/M7E\n" \

    "GwM8CetJMVxpRrPgRwIDAQABo4IBFzCCARMwDwYDVR0TAQH/BAUwAwEB/zAOBgNV\n" \

    "HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFDqahQcQZyi27/a9BUFuIMGU2g/eMB8GA1Ud\n" \

    "IwQYMBaAFNLEsNKR1EwRcbNhyz2h/t2oatTjMDQGCCsGAQUFBwEBBCgwJjAkBggr\n" \

    "BgEFBQcwAYYYaHR0cDovL29jc3AuZ29kYWRkeS5jb20vMDIGA1UdHwQrMCkwJ6Al\n" \

    "oCOGIWh0dHA6Ly9jcmwuZ29kYWRkeS5jb20vZ2Ryb290LmNybDBGBgNVHSAEPzA9\n" \

    "MDsGBFUdIAAwMzAxBggrBgEFBQcCARYlaHR0cHM6Ly9jZXJ0cy5nb2RhZGR5LmNv\n" \

    "bS9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAWQtTvZKGEacke+1bMc8d\n" \

    "H2xwxbhuvk679r6XUOEwf7ooXGKUwuN+M/f7QnaF25UcjCJYdQkMiGVnOQoWCcWg\n" \

    "OJekxSOTP7QYpgEGRJHjp2kntFolfzq3Ms3dhP8qOCkzpN1nsoX+oYggHFCJyNwq\n" \

    "9kIDN0zmiN/VryTyscPfzLXs4Jlet0lUIDyUGAzHHFIYSaRt4bNYC8nY7NmuHDKO\n" \

    "KHAN4v6mF56ED71XcLNa6R+ghlO773z/aQvgSMO3kwvIClTErF0UZzdsyqUvMQg3\n" \

    "qm5vjLyb4lddJIGvl5echK1srDdMZvNhkREg5L4wn3qkKQmw4TRfZHcYQFHfjDCm\n" \

    "rw==\n"                                                             \

    "-----END CERTIFICATE-----\n"                                        \

Anonymous
Not applicable

Thanks It works perfectly with your certificate.

When I was taking the certificate, I wasn't take the good one (Root)

thank you

Ludo