https://devzone.nordicsemi.com/f/nordic-q-a/68601/tls-2303-bytes-packet-limitI have been testing out HTTPS with the http_application_update . I have been able to successfully setup a TLS 1.2 connection, but I was seeing a lot of &quot;Peer closed connection!&quot; warnings after any request was made over the socket. Swapping the requesten-USTelligent Community 13Fri, 20 Nov 2020 14:37:10 GMThttps://devzone.nordicsemi.com/thread/281143?ContentTypeID=1Fri, 20 Nov 2020 14:37:10 GMT137ad170-7792-4731-bb38-c0d22fbe4515:60146c82-34de-4afb-b5b0-fdcc223b013bMartin Lesund<p>Hi GNotman,<br />It documented as a limitation in the mfw release notes.<br /><em>That can be found in the .zip for the modem firmware.</em><br /><pre class="ui-code" data-mode="text">*** Limitations *************** - TLS/DTLS - Up to three simultaneous TLS/DTLS connections are possible. - Server certificate expiry time is not verified. - pkcs#8 is not supported. - Absolute maximum number of supported credentials is 32. The actual amount depends on size of credentials as memory area reserved for credentials may be a limiting factor as well. - DTLS supports PSK authentication only. - 2kB secure socket buffer size. - Maximum number of raw sockets is 4. - User plane data is supported in Cat M1 mode only.</pre></p> <p>It is listed 2kB, however 2303 is for the server you are connected to.&nbsp;<br />There are some variances in overhead for TLS, but documented limit is set to 2kB.<br />Setting higher could be possible, but is &quot;out of spec&quot; and therefore you could see some issues.</p> <p><br />best regards,<br />Martin L.&nbsp;</p> <p><em></em></p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/281107?ContentTypeID=1Fri, 20 Nov 2020 13:07:33 GMT137ad170-7792-4731-bb38-c0d22fbe4515:d5598c82-a426-45fe-9dde-7a36464d6452GNotman<p>Hi Martin,</p> <p>Thanks, I understand that I can control the amount of file data requested in the <em>Range</em> header. I have been able to successfully download the FW file by applying a fragment size limit which leaves enough space for the header.</p> <p>However, my main question is what is imposing the 2303 byte limit, and equally important is that limit constant?</p> <p></p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/281101?ContentTypeID=1Fri, 20 Nov 2020 12:53:49 GMT137ad170-7792-4731-bb38-c0d22fbe4515:24214eba-29d8-433b-8fc3-fe00020dac08Martin Lesund<p>Hi GNotman,<br />The problem is that the HTTP-header is not a part of &quot;CONFIG_DOWNLOAD_CLIENT_HTTP_FRAG_SIZE_2048&quot;,</p> <p>so the fragment at 2048 + the HTTP header will be to big for the modem to receive.<br /><br /></p> <div>Optimally you should use the&nbsp;<em>fragment_size</em><span>&nbsp;</span>here:&nbsp;<a href="https://github.com/nrfconnect/sdk-nrf/blob/master/include/net/fota_download.h#L106">https://github.com/nrfconnect/sdk-nrf/blob/master/include/net/fota_download.h#L106</a></div> <div></div> <div>And do it dynamically as we do it in e.g. the Azure FOTA Sample:&nbsp;<a href="https://github.com/nrfconnect/sdk-nrf/blob/master/subsys/net/lib/azure_fota/azure_fota.c#L529">https://github.com/nrfconnect/sdk-nrf/blob/master/subsys/net/lib/azure_fota/azure_fota.c#L529</a>&nbsp;<br /><br />Best regards;<br />Martin L.</div><div style="clear:both;"></div>