This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

NRF9160 Connect to https without CA certificate

Hi, all! I am trying to connect to my https server using the example \nrf9160\https_client

The example itself works connects to google.com and receives a 200 response.

Problems begin when I try to connect to my server on port 443.
When connecting, BSD generates an error EOPNOTSUPP
And in the console I get:
connect () failed, err: 45

The code that I changed in the example:

err = getaddrinfo("my_site.com", NULL, &hints, &res);
	if (err) {
		printk("getaddrinfo() failed, err %d\n", errno);
		return;
	}

	((struct sockaddr_in *)res->ai_addr)->sin_port = htons(HTTPS_PORT);

	fd = socket(AF_INET, SOCK_STREAM, IPPROTO_TLS_1_2);
	if (fd == -1) {
		printk("Failed to open socket!\n");
		goto clean_up;
	}

	/* Setup TLS socket options */
	err = tls_setup(fd);
	if (err) {
		goto clean_up;
	}

	printk("Connecting to %s\n", "my_site.com");
	err = connect(fd, res->ai_addr, sizeof(struct sockaddr_in));

HTTPS_PORT is 443

Since I do not understand certification well, I have questions:
1) Can I use the certificate that comes with the example?
2) Can I disable the certification chain when connecting to the server?

P.S.
“Let's encrypt authority” certificate is installed on the server

Many thanks!

Related