• State Not Answered
  • Replies 3 replies
  • Subscribers 74 subscribers
  • Views 129 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 344474
Options

https_client connection results in error 22 if build with option EXTRA_CONF_FILE=overlay-tfm-nrf91.conf

Jason

Hi all,

I'm working with my custom nRF9151 board and i'm testing https request with option that use native TLS for my download client. 

I got connect err = 22, so i come back to sdk and try to test example https_client with my nRF9151DK.

1. If i build with cmd: west build -b nrf9151dk_nrf9151_ns, i can connect successfully with modifying the cert.

2. If i build with cmd: west build -b nrf9151dk_nrf9151_ns -- -DEXTRA_CONF_FILE="overlay-tfm-nrf91.conf" , i can't connect successfully, even with the cert in case 1.

The error log is:

Connecting to example.com:443
connect() failed, err: 22

Parents
  • 0

    Hi,

     

    There was a certificate change on the default domain used, where the newest one in NCS v3.0.0 is required:

    https://github.com/nrfconnect/sdk-nrf/tree/main/samples/net/https_client/cert

     

    In addition, the new certificate uses a different crypto algorithm, so the latest configurations in overlay-tfm-nrf91.conf is required:

    https://github.com/nrfconnect/sdk-nrf/blob/main/samples/net/https_client/overlay-tfm-nrf91.conf

     

    Using ncs v3.0.0, with overlay-tfm-nrf91.conf included in the build, I get this output:

    *** Booting nRF Connect SDK v3.0.0-3bfc46578e42 ***
*** Using Zephyr OS v4.0.99-a0e545cb437a ***
HTTPS client sample started
Bringing network interface up
Provisioning certificate
Connecting to the network
+CGEV: EXCE STATUS 0
+CEREG: 2,"8169","014ACE00",7
%MDMEV: PRACH CE-LEVEL 0
+CSCON: 1
+CGEV: ME PDN ACT 0
%MDMEV: SEARCH STATUS 2
+CEREG: 1,"8169","014ACE00",7,,,"11100000","11100000"
Network connectivity established and IP address assigned
Looking up example.com
+CGEV: IPV6 0
Resolved 23.215.0.136 (AF_INET)
Connecting to example.com:443
Sent 61 bytes
Received 318 bytes

>        HTTP/1.1 200 OK

Finished, closing socket.
+CEREG: 0
+CGEV: ME DETACH
+CSCON: 0
Network connectivity lost
Disconnected from the network

      

    Could you the above suggestions?

     

    Kind regards,

    Håkon

  • 0 in reply to Håkon Alseth

    Thanks  , I pass the error 22 but got this error. Can you take a look?

    HTTPS client sample started
    Bringing network interface up
    Provisioning certificate
    Connecting to the network
    +CGEV: EXCE STATUS 0
    %MDMEV: SEARCH STATUS 1
    %MDMEV: SEARCH STATUS 2
    +CEREG: 2
    +CEREG: 2,"B39C","090A9616",9
    %MDMEV: PRACH CE-LEVEL 0
    +CSCON: 1
    +CGEV: ME PDN ACT 0,0
    +CNEC_ESM: 50,0
    +CEREG: 1,"B39C","090A9616",9,,,"11100000","11100000"
    Network connectivity established and IP address assigned
    Looking up example.com
    %MDMEV: PRACH CE-LEVEL 1
    Resolved 96.7.128.198 (AF_INET)
    [00:04:50.062,164] <dbg> net_sock_tls: tls_alloc: (0x2001c180): Allocated TLS context, 0x2001b780
    Connecting to example.com:443
    [00:04:50.411,926] <dbg> net_sock_tls: tls_set_max_frag_len: (0x2001c180): MBEDTLS_TLS_EXT_ADV_CONTENT_LEN: 4096
    [00:04:50.417,999] <inf> net_sock_tls: mbedtls_x509_crt_parse len=839 err: -0x0
    %MDMEV: PRACH CE-LEVEL 0
    connect() failed, err: 11
    [00:04:53.421,722] <dbg> net_sock: z_impl_zsock_close: (0x2001c180): close: ctx=0x2001d070, fd=4
    +CEREG: 0
    +CGEV: ME DETACH
    +CSCON: 0
    Network connectivity lost
    Disconnected from the network

Reply
  • 0 in reply to Håkon Alseth

    Thanks  , I pass the error 22 but got this error. Can you take a look?

    HTTPS client sample started
    Bringing network interface up
    Provisioning certificate
    Connecting to the network
    +CGEV: EXCE STATUS 0
    %MDMEV: SEARCH STATUS 1
    %MDMEV: SEARCH STATUS 2
    +CEREG: 2
    +CEREG: 2,"B39C","090A9616",9
    %MDMEV: PRACH CE-LEVEL 0
    +CSCON: 1
    +CGEV: ME PDN ACT 0,0
    +CNEC_ESM: 50,0
    +CEREG: 1,"B39C","090A9616",9,,,"11100000","11100000"
    Network connectivity established and IP address assigned
    Looking up example.com
    %MDMEV: PRACH CE-LEVEL 1
    Resolved 96.7.128.198 (AF_INET)
    [00:04:50.062,164] <dbg> net_sock_tls: tls_alloc: (0x2001c180): Allocated TLS context, 0x2001b780
    Connecting to example.com:443
    [00:04:50.411,926] <dbg> net_sock_tls: tls_set_max_frag_len: (0x2001c180): MBEDTLS_TLS_EXT_ADV_CONTENT_LEN: 4096
    [00:04:50.417,999] <inf> net_sock_tls: mbedtls_x509_crt_parse len=839 err: -0x0
    %MDMEV: PRACH CE-LEVEL 0
    connect() failed, err: 11
    [00:04:53.421,722] <dbg> net_sock: z_impl_zsock_close: (0x2001c180): close: ctx=0x2001d070, fd=4
    +CEREG: 0
    +CGEV: ME DETACH
    +CSCON: 0
    Network connectivity lost
    Disconnected from the network

Children
  • 0 in reply to Jason

    Hi,

     

    I get this successful output on my side:

    *** Booting nRF Connect SDK v3.0.0-3bfc46578e42 ***
*** Using Zephyr OS v4.0.99-a0e545cb437a ***
HTTPS client sample started
Bringing network interface up
Provisioning certificate
Connecting to the network
+CGEV: EXCE STATUS 0
+CEREG: 2,"8169","014A0302",7
%MDMEV: PRACH CE-LEVEL 0
+CSCON: 1
+CGEV: ME PDN ACT 0
%MDMEV: SEARCH STATUS 2
+CEREG: 1,"8169","014A0302",7,,,"11100000","11100000"
Network connectivity established and IP address assigned
Looking up example.com
+CGEV: IPV6 0
Resolved 23.215.0.136 (AF_INET)
[00:00:04.966,644] <dbg> net_sock_tls: tls_alloc: (0x2001c108): Allocated TLS context, 0x2001b708
Connecting to example.com:443
Sent 61 bytes
Received 318 bytes

>        HTTP/1.1 200 OK

Finished, closing socket.
+CEREG: 0
+CGEV: ME DETACH
+CSCON: 0
Network connectivity lost
Disconnected from the network

     

    I see that you are resolving to another IP:

    Jason said:
    Resolved 96.7.128.198 (AF_INET)

     

    Once in a while I do see a returned error on the connection:

    *** Booting nRF Connect SDK v3.0.0-3bfc46578e42 ***
*** Using Zephyr OS v4.0.99-a0e545cb437a ***
HTTPS client sample started
Bringing network interface up
Provisioning certificate
Connecting to the network
+CGEV: EXCE STATUS 0
+CEREG: 2,"8169","014A0302",7
%MDMEV: PRACH CE-LEVEL 0
+CSCON: 1
+CGEV: ME PDN ACT 0
%MDMEV: SEARCH STATUS 2
+CEREG: 1,"8169","014A0302",7,,,"11100000","11100000"
Network connectivity established and IP address assigned
Looking up example.com
+CGEV: IPV6 0
Resolved 96.7.128.198 (AF_INET)
[00:00:06.736,602] <dbg> net_sock_tls: tls_alloc: (0x2001c108): Allocated TLS context, 0x2001b708
Connecting to example.com:443
%MDMEV: PRACH CE-LEVEL 0
connect() failed, err: 116
+CEREG: 0
+CGEV: ME DETACH
+CSCON: 0
Network connectivity lost
Disconnected from the network

     

    Does it become more stable if you expand this timeout?

    CONFIG_NET_SOCKETS_CONNECT_TIMEOUT=20000

     

    Kind regards,

    Håkon

Related
Terms of service