Hi,
We're using the nrf9160 with ncs 2.7, modem FW 1.3.6
We're trying to send an HTTP request with TLS 1.2. We have provisioned our device and verified the key,cert with a python script and that is able to hit our endpoint OK. However, when we try to do the same thing from the nrf9160 we are getting a `400 bad request No requried SSL certificate was sent` error
We are saving the key and cert with
modem_key_mgmt_write(PROVISIONED_CERT_SEC_TAG, MODEM_KEY_MGMT_CRED_TYPE_PUBLIC_CERT, cert_buffer,
cert_buffer_bytes_written);
modem_key_mgmt_write(PROVISIONED_CERT_SEC_TAG, MODEM_KEY_MGMT_CRED_TYPE_IDENTITY, cert_buffer,
cert_buffer_bytes_written);
modem_key_mgmt_write(PROVISIONED_CERT_SEC_TAG, MODEM_KEY_MGMT_CRED_TYPE_PRIVATE_CERT, key_buffer,
key_buffer_bytes_written);
And then sending it with
get_addr_info_handle = getaddrinfo(STAGING_HTTP_HOST, HTTP_PORT, &hints, &res);
memset(recv_buf, 0, sizeof(recv_buf));
if (get_addr_info_handle != 0) {
LOG_ERR("Unable to resolve address, quitting. Err: %d", get_addr_info_handle);
return get_addr_info_handle;
}
socket_handle = socket(res->ai_family, res->ai_socktype, IPPROTO_TLS_1_2);
CHECK(socket_handle);
LOG_DBG("socket_handle = %d\n", socket_handle);
//Disable hostname verification
CHECK(setsockopt(socket_handle, SOL_TLS, TLS_HOSTNAME, NULL, 0))
//Disable peer verify
int verify = TLS_PEER_VERIFY_NONE;
CELL_ERR_CHECK(setsockopt(socket_handle, SOL_TLS, TLS_PEER_VERIFY, &verify, sizeof(verify)));
//Set sec tag
static sec_tag_t sec_tag_list[] = {STAGING_SEC_TAG};
CHECK(setsockopt(socket_handle, SOL_TLS, TLS_SEC_TAG_LIST, sec_tag_list, sizeof(sec_tag_list)));
LOG_DBG("Connecting to server...\n");
CHECK(connect(socket_handle, res->ai_addr, res->ai_addrlen));
LOG_DBG("Connected!\r\nSending request...\n");
CHECK(send(socket_handle, send_buf, SSTRLEN(send_buf), 0));
