Search found 167 matches

by danielm
Mon Sep 05, 2016 7:44 pm
Forum: WiPy and CC3200 boards
Topic: urequests and SSL on WiPy
Replies: 33
Views: 15996

Re: urequests and SSL on WiPy

Yes, server certificate validation is a counter-measure against Man-in-the-middle attacks and DNS spoofing.

Try to call GET on your local google domain. Check in the browser where you will be redirected from google.com.
by danielm
Mon Sep 05, 2016 3:55 pm
Forum: WiPy and CC3200 boards
Topic: urequests and SSL on WiPy
Replies: 33
Views: 15996

Re: urequests and SSL on WiPy

Jim, did you also test server certificate validation with locally stored CA certificate?
by danielm
Sun Sep 04, 2016 7:17 pm
Forum: WiPy and CC3200 boards
Topic: urequests and SSL on WiPy
Replies: 33
Views: 15996

Re: urequests and SSL on WiPy

Maybe it has something to do with server_side parameter set to False. However setting it to True throws this error:
ValueError: invalid argument(s) value
by danielm
Sun Sep 04, 2016 7:02 pm
Forum: WiPy and CC3200 boards
Topic: urequests and SSL on WiPy
Replies: 33
Views: 15996

Re: urequests and SSL on WiPy

Jim, no problem. Ralf, I did modify socket constructor as you suggested and you were right, it worked. On top of that, I did modify SSL wrapper: s = ussl.wrap_socket(s, keyfile=None, certfile=None, server_side=False, cert_reqs=ussl.CERT_REQUIRED, ca_certs='/flash/cert/ca.pem') The problem now is tha...
by danielm
Sun Sep 04, 2016 5:16 pm
Forum: General Discussion and Questions
Topic: troubleshooting of SSL socket
Replies: 1
Views: 1400

troubleshooting of SSL socket

Is there any way how to check SSL socket created by ssl.wrap_socket() especially when it is required to validate both sides using client certificate + key file and CA certificate and verify if validation/authentication went ok? ss = ssl.wrap_socket(s, keyfile='/flash/cert/private.key', certfile='/fl...
by danielm
Fri Sep 02, 2016 3:40 pm
Forum: WiPy and CC3200 boards
Topic: urequests and SSL on WiPy
Replies: 33
Views: 15996

Re: urequests and SSL on WiPy

Jim, DER format is mentioned in TI wiki I posted before.

Ralf, I will try that modification on Monday, thanks.
by danielm
Fri Sep 02, 2016 12:16 pm
Forum: WiPy and CC3200 boards
Topic: urequests and SSL on WiPy
Replies: 33
Views: 15996

Re: urequests and SSL on WiPy

Looking at urequests.py module it wraps the socket without any parameters on line 56: s = ussl.wrap_socket(s) In my understanding that means that ussl.wrap_scoket() is called with default values: ssl.wrap_socket(sock, keyfile=None, certfile=None, server_side=False, cert_reqs=CERT_NONE, ca_certs=None...
by danielm
Fri Sep 02, 2016 10:38 am
Forum: WiPy and CC3200 boards
Topic: urequests and SSL on WiPy
Replies: 33
Views: 15996

urequests and SSL on WiPy

I am trying to perform HTTP GET request on https://www.google.com: urequests.get("https://www.google.com") Empty response is read from the socket which causes error I already encountered before: http://forum.micropython.org/viewtopic.php?f=15&t=2191 Anyway I think that SSL socket is not established ...
by danielm
Tue Aug 30, 2016 4:29 pm
Forum: WiPy and CC3200 boards
Topic: MQTT client with TLS/SSL on CC3200
Replies: 2
Views: 4341

Re: MQTT client with TLS/SSL on CC3200

Hi Ralf, I used official MQTT client developed within ESP8266 MP port Kickstarter campaign: http://forum.micropython.org/viewtopic.php?f=16&t=2023 https://github.com/micropython/micropython-lib/tree/master/umqtt.simple ...and built-in ussl module: http://micropython.org/resources/docs/en/latest/wipy...
by danielm
Thu Aug 25, 2016 4:35 pm
Forum: ESP8266 boards
Topic: Official MicroPython MQTT client
Replies: 19
Views: 29248

Re: Official MicroPython MQTT client

I encountered MQTT client or SSL library related issue.
I described it in this post: http://forum.micropython.org/viewtopic. ... 172#p13172
Could you please take a look at it?