HTTPS POST not working in SLM

TC over 4 years ago

(For some reason, I use "...' replace the original string)
Here is the log for using AT to do HTTPS POST:

2022-02-07T12:19:39.057Z DEBUG modem >> AT#XHTTPCCON=1,"...",443
2022-02-07T12:19:40.057Z ERROR Error: 'AT#XHTTPCCON=1,"...",443
' timed out
2022-02-07T12:19:40.591Z DEBUG modem << #XHTTPCCON: 1
2022-02-07T12:19:40.594Z DEBUG modem << OK
2022-02-07T12:19:46.614Z DEBUG modem >> AT#XHTTPCREQ="POST","...","Content-Type: application/json
2022-02-07T12:19:46.640Z DEBUG modem >> Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZCI6eyJ1aWQiOjU3OCwiY29kZSI6ImVlNjNmZWI2LTA0YzMtNDM5Ni04OWI2LWExZDhjNzZhZDE0MSJ9LCJpc3MiOiJKSEhfVVNFUlMiLCJleHAiOjE2NDQyOTgwODAsInZlciI6MSwianRpIjoxODM4OX0.9uqBfMutUGyBaPIEwiP7AscgVMvUZwKSC9lqfAnDcEg
2022-02-07T12:19:46.674Z DEBUG modem >> Content-Length: 279
2022-02-07T12:19:46.707Z DEBUG modem >> ",279
2022-02-07T12:19:46.729Z DEBUG modem << OK
2022-02-07T12:19:46.731Z DEBUG modem << #XHTTPCREQ: 1
2022-02-07T12:19:56.042Z DEBUG modem >> {"meta":{...},"data":[...]}
2022-02-07T12:19:56.069Z DEBUG modem << ERROR
2022-02-07T12:19:56.072Z ERROR Error:{"meta":{...},"data":[...]}
failed
2022-02-07T12:19:56.092Z DEBUG modem << #XHTTPCREQ: 0
2022-02-07T12:19:56.111Z DEBUG modem << #XHTTPCREQ: -104
2022-02-07T12:19:56.113Z DEBUG modem << ERROR
2022-02-07T12:19:56.118Z DEBUG modem << #XDATAMODE: 0
2022-02-07T12:19:56.119Z DEBUG modem << #XHTTPCCON: 0
2022-02-07T12:20:05.708Z DEBUG modem << %CESQ: 27,1,3,0

Is this normal that the modem still return "OK" regardless of the 'timed out' .
What happen to the "XHTTPCREQ: -104" after payload send?

Thanks

Top Replies

TC over 4 years ago in reply to Håkon Alseth +1 verified

Just works by upgrade mfw FW from 1.2.3 to 1.3.1. Thanks!!

Parents

0 TC over 4 years ago
Is it possible to run LTE TraceCollector v2 preview with LTE Link Monitor?
If not, how can I send the AT command to nRF9160.
I still can not see any trace, and the filesize in side panel not growth.

Here are steps for using trace collector:
1. program nrf9160_dk_board_controller_fw.hex to nRF52 in nRF9160DK.
2. program SLM (with CONFIG_NRF_MODEM_LIB_TRACE_ENABLED=y) to nRF91 in nRF9160DK.
3. connect nrf9160 DK in TraceCollector, then start tracing with LIVE

No trace shows in Wireshark...

I try to use openssl to get the CA cert, but AT#XHTTPCCON still not connected after update the seg_tag.
Just wonder what's the "Kubernetes Ingress Controller Fake Certificate" means in the following?
openssl s_client -showcerts -connect gateway.dev.jawbonehealth.com:443 CONNECTED(00000005) depth=0 O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate verify error:num=20:unable to get local issuer certificate verify return:1 depth=0 O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate verify error:num=21:unable to verify the first certificate verify return:1 --- Certificate chain 0 s:/O=Acme Co/CN=Kubernetes Ingress Controller Fake Certificate i:/O=Acme Co/CN=Kubernetes Ingress Controller Fake Certificate -----BEGIN CERTIFICATE----- MIIDbzCCAlegAwIBAgIQfStz7642v8lUvvWCwhUJ/jANBgkqhkiG9w0BAQsFADBL .....
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

0 Håkon Alseth over 4 years ago in reply to TC

Hi,

Could it be that you're connecting locally to that server?

Here's what I get when I run the exact same command:

openssl s_client -showcerts -connect gateway.dev.jawbonehealth.com:443 
CONNECTED(00000003)
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R3
verify return:1
depth=0 CN = gateway.dev.jawbonehealth.com
verify return:1
---
Certificate chain
 0 s:CN = gateway.dev.jawbonehealth.com
   i:C = US, O = Let's Encrypt, CN = R3
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISBO1MWjgNpXaRpyo3l6wOly7JMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMjAxMDMxNDE4MDRaFw0yMjA0MDMxNDE4MDNaMCgxJjAkBgNVBAMT
HWdhdGV3YXkuZGV2Lmphd2JvbmVoZWFsdGguY29tMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEA0O4zwyRhnnhXJ2Lqnhw2ft/6h/cxG7e6e9pC9Dc1I2q7
4pWwuMDv/FREC7oZSRjMwTpO6NV6mGflAqGe8qirECd+R4Mts5eiu9BbSnuaXq6R
PLGyMVlnea0ERrVpIC/319h690plfqza2AhGtmkE1bUrfn4hJH8xH6FaTC7WDxw7
vQbjpn17LbvxRk06aZuMmKJqrZKQwHhsOs7ZPUFF2pnVgmZSeRtVmhU02eNnBPIL
bnoOeNW1FmTsnPx2ZxcKTtBsCKJ1kzVmqVlInzKMerFkl/0Nkncoig9qgcq2fE7V
Mb8/Vi6nN0wZ5wfhdEoqrpuOu08wwXcp0xzTVsQXGwIDAQABo4ICVzCCAlMwDgYD
VR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNV
HRMBAf8EAjAAMB0GA1UdDgQWBBSiRJQ5P91QYAh5/389QkYvldycFTAfBgNVHSME
GDAWgBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYB
BQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDov
L3IzLmkubGVuY3Iub3JnLzAoBgNVHREEITAfgh1nYXRld2F5LmRldi5qYXdib25l
aGVhbHRoLmNvbTBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAo
MCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQMGCisG
AQQB1nkCBAIEgfQEgfEA7wB1AN+lXqtogk8fbK3uuF9OPlrqzaISpGpejjsSwCBE
XCpzAAABfiCE2iQAAAQDAEYwRAIgIXeUAKAF1dmXa0pcp1GJPgoZ6JyeL+ZWJYiA
ZUvoVEACID2z4Uz94ZlMk5B/B17d5pP3iCJJ84MgMWGhjjeBw1pBAHYARqVV63X6
kSAwtaKJafTzfREsQXS+/Um4havy/HD+bUcAAAF+IITaSAAABAMARzBFAiAAtKfH
/vkKX349mIa52rJ8kCysymCUM/hv+MQaFQW76QIhAOw7uHryLbu8QftkEISBXdvd
PGEk/oy9gG6zfbRA8sw9MA0GCSqGSIb3DQEBCwUAA4IBAQAU2iCt5bnwIiZqMLZ3
QUDI4bqsnHwrX0j5scYACwaS7mg3r4Sl9XJJLIlMqvvsNskbljK17KtNb++iT8KY
d4M1hn4vHZQIpl8UvrvrABearikPms1SgVerS/ckPPE6XGha5anB6yrow7DFRAxe
77d5od0sRW2q77/sPgqnbLtyFKMnw2SsrzGWaNCu7agccLo3+0FZMH8adN4TwXBp
3rWy4TSRt1ilE57PHKhcsffr6GqV5skcrsqelIQIi9sPHEU4n+YUw/dUMuaj/mrs
VW5ti8EeuVvxGGz3SsLLUjZa4abSFBfoYktlrT3b8tEopLXe0ZYiMokZv6MrJCkD
e6Lu
-----END CERTIFICATE-----
 1 s:C = US, O = Let's Encrypt, CN = R3
   i:C = US, O = Internet Security Research Group, CN = ISRG Root X1
-----BEGIN CERTIFICATE-----
MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw
WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP
R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx
sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm
NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg
Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG
/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC
AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB
Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA
FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw
AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw
Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB
gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W
PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl
ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz
CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm
lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4
avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2
yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O
yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids
hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+
HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv
MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX
nLRbwHOoq7hHwg==
-----END CERTIFICATE-----
 2 s:C = US, O = Internet Security Research Group, CN = ISRG Root X1
   i:O = Digital Signature Trust Co., CN = DST Root CA X3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIQQAF3ITfU6UK47naqPGQKtzANBgkqhkiG9w0BAQsFADA/
MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
DkRTVCBSb290IENBIFgzMB4XDTIxMDEyMDE5MTQwM1oXDTI0MDkzMDE4MTQwM1ow
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwggIiMA0GCSqGSIb3DQEB
AQUAA4ICDwAwggIKAoICAQCt6CRz9BQ385ueK1coHIe+3LffOJCMbjzmV6B493XC
ov71am72AE8o295ohmxEk7axY/0UEmu/H9LqMZshftEzPLpI9d1537O4/xLxIZpL
wYqGcWlKZmZsj348cL+tKSIG8+TA5oCu4kuPt5l+lAOf00eXfJlII1PoOK5PCm+D
LtFJV4yAdLbaL9A4jXsDcCEbdfIwPPqPrt3aY6vrFk/CjhFLfs8L6P+1dy70sntK
4EwSJQxwjQMpoOFTJOwT2e4ZvxCzSow/iaNhUd6shweU9GNx7C7ib1uYgeGJXDR5
bHbvO5BieebbpJovJsXQEOEO3tkQjhb7t/eo98flAgeYjzYIlefiN5YNNnWe+w5y
sR2bvAP5SQXYgd0FtCrWQemsAXaVCg/Y39W9Eh81LygXbNKYwagJZHduRze6zqxZ
Xmidf3LWicUGQSk+WT7dJvUkyRGnWqNMQB9GoZm1pzpRboY7nn1ypxIFeFntPlF4
FQsDj43QLwWyPntKHEtzBRL8xurgUBN8Q5N0s8p0544fAQjQMNRbcTa0B7rBMDBc
SLeCO5imfWCKoqMpgsy6vYMEG6KDA0Gh1gXxG8K28Kh8hjtGqEgqiNx2mna/H2ql
PRmP6zjzZN7IKw0KKP/32+IVQtQi0Cdd4Xn+GOdwiK1O5tmLOsbdJ1Fu/7xk9TND
TwIDAQABo4IBRjCCAUIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw
SwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5pZGVudHJ1
c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTEp7Gkeyxx
+tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEEAYLfEwEB
ATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2VuY3J5cHQu
b3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0LmNvbS9E
U1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFHm0WeZ7tuXkAXOACIjIGlj26Ztu
MA0GCSqGSIb3DQEBCwUAA4IBAQAKcwBslm7/DlLQrt2M51oGrS+o44+/yQoDFVDC
5WxCu2+b9LRPwkSICHXM6webFGJueN7sJ7o5XPWioW5WlHAQU7G75K/QosMrAdSW
9MUgNTP52GE24HGNtLi1qoJFlcDyqSMo59ahy2cI2qBDLKobkx/J3vWraV0T9VuG
WCLKTVXkcGdtwlfFRjlBz4pYg1htmf5X6DYO8A4jqv2Il9DjXA6USbW1FzXSLr9O
he8Y4IWS6wY7bCkjCWDcRQJMEhg76fsO3txE+FiYruq9RUWhiF1myv4Q6W+CyBFC
Dfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5
-----END CERTIFICATE-----
---
Server certificate
subject=CN = gateway.dev.jawbonehealth.com

issuer=C = US, O = Let's Encrypt, CN = R3

---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 4603 bytes and written 401 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
    Protocol  : TLSv1.3
    Cipher    : TLS_AES_256_GCM_SHA384
    Session-ID: E3EE2D025F3D2BBBEFC906ECC4C8845B9F5F5A6E35169678823EB3B7E37CDF97
    Session-ID-ctx: 
    Resumption PSK: 47FC953FC2901D28B1FCB680495CF9104C991004EC4FE53B99B7362141A8E7257448481B33BC16007F567CD971802F29
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 600 (seconds)
    TLS session ticket:
    0000 - d6 c4 8f 9a e7 b0 38 45-2a 44 9f 95 f5 41 da 18   ......8E*D...A..
    0010 - b5 16 4f 00 8d 59 93 76-04 44 87 9d e2 31 bc cb   ..O..Y.v.D...1..

    Start Time: 1644484574
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no
    Max Early Data: 0
---
read R BLOCK
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
    Protocol  : TLSv1.3
    Cipher    : TLS_AES_256_GCM_SHA384
    Session-ID: 7EE212D109C7E6CDE3912EF11AAC41DBF8889390369EA0C188C8976430409E7F
    Session-ID-ctx: 
    Resumption PSK: CD270E207A219AD3F6FBD8E5E02A16D4FDB6F5D348DB2CFCD1BF026D7852F6B7750F96FBF7259F5C14FBB06F6E182245
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 600 (seconds)
    TLS session ticket:
    0000 - 55 8e b6 2f 6d 59 91 54-03 af 67 18 15 74 0c 98   U../mY.T..g..t..
    0010 - ae 85 d7 d4 ff dc a3 0f-b1 c1 08 87 23 ce ba fd   ............#...

    Start Time: 1644484574
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no
    Max Early Data: 0
---
read R BLOCK
closed

If you are having issues with SLM + modem tracing, you can try to use https_client instead and issue the ISRG root x1 instead of the default digicert.

Kind regards,

Håkon

Reply