ESP32 simple SSL web server
Posted: Sat Apr 24, 2021 6:00 pm
Hi,
i'm try to implement a very very simple HTTPS server using SSL sockets. I read a pile of example, Documents and faq here and around the web.
My setup:
Esp32 WROOM WITHOUT SPIRAM
Firmware: esp32-20210418-v1.15.bin
Browser for connection testing: chrome 90.0.4430.85
Now after 3 days I still not able to solve this problem, the latest and most simple code that I use is:
the self signed key are created using below command:
I did a lot of test but I always receive an OSError: (-30592, 'MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE').
After some diggin around i found that the integer number must be translated to Hex to find the real MBEDTLS error, so I googled for 0x7780 and as far as I understand, seem an error on Certificate Handshaking.
So I tried to add the line
after the wrap_socket, but this change the message to OSError: (-31104, 'MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO')
So, now I'm really stuck with this... my question is if exists a real working example of micro web server that can use ssl and not require external SPIRAM or to be flashed on the firmware itself (like MicroWebSrv2)
Thank you very much for any help!
i'm try to implement a very very simple HTTPS server using SSL sockets. I read a pile of example, Documents and faq here and around the web.
My setup:
Esp32 WROOM WITHOUT SPIRAM
Firmware: esp32-20210418-v1.15.bin
Browser for connection testing: chrome 90.0.4430.85
Now after 3 days I still not able to solve this problem, the latest and most simple code that I use is:
Code: Select all
import esp
import gc
gc.collect()
import usocket as socket
import ussl
import machine
import network
KEY_PATH = 'client.key'
CERT_PATH = 'client.crt'
with open(KEY_PATH, 'rb') as f:
key = f.read()
with open(CERT_PATH, 'rb') as f:
cert = f.read()
s = socket.socket()
s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
ap = network.WLAN(network.AP_IF) # create access-point interface
ad = ap.ifconfig()
addr = socket.getaddrinfo('0.0.0.0', 443)[0][-1]
s.bind(addr)
s.listen(5)
gc.collect()
while True:
print("ssl connection started")
cl, addr = s.accept()
scl = ussl.wrap_socket(cl, server_side=False, cert=cert, key=key)
print(gc.mem_free())
l = 0
while True:
req = scl.read(1024)
print(req)
if not req or b'\r\n' in req:
break
response = '\r\n'.join(['HTTP/1.1 200 OK',
'Content-Type: text/plain',
'OK',
'Connection: close', '\r\n'])
scl.write(response.encode("utf-8"))
scl.close()
Code: Select all
openssl req -newkey rsa:2048 -nodes -keyout client.key -x509 -days 365 -out client.crt
After some diggin around i found that the integer number must be translated to Hex to find the real MBEDTLS error, so I googled for 0x7780 and as far as I understand, seem an error on Certificate Handshaking.
So I tried to add the line
Code: Select all
scl.set_ciphers('AES_256_GCM_SHA384')
So, now I'm really stuck with this... my question is if exists a real working example of micro web server that can use ssl and not require external SPIRAM or to be flashed on the firmware itself (like MicroWebSrv2)
Thank you very much for any help!