• State Verified Answer
  • +1 person also asked this people also asked this
  • Replies 13 replies
  • Subscribers 91 subscribers
  • Views 3242 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 283787
Options

HTTPS POST not working in SLM

TC

(For some reason, I use "...' replace the original string)
Here is the log for using AT to do HTTPS POST:


2022-02-07T12:19:39.057Z DEBUG modem >> AT#XHTTPCCON=1,"...",443
2022-02-07T12:19:40.057Z ERROR Error: 'AT#XHTTPCCON=1,"...",443
' timed out
2022-02-07T12:19:40.591Z DEBUG modem << #XHTTPCCON: 1
2022-02-07T12:19:40.594Z DEBUG modem << OK
2022-02-07T12:19:46.614Z DEBUG modem >> AT#XHTTPCREQ="POST","...","Content-Type: application/json
2022-02-07T12:19:46.640Z DEBUG modem >> Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZCI6eyJ1aWQiOjU3OCwiY29kZSI6ImVlNjNmZWI2LTA0YzMtNDM5Ni04OWI2LWExZDhjNzZhZDE0MSJ9LCJpc3MiOiJKSEhfVVNFUlMiLCJleHAiOjE2NDQyOTgwODAsInZlciI6MSwianRpIjoxODM4OX0.9uqBfMutUGyBaPIEwiP7AscgVMvUZwKSC9lqfAnDcEg
2022-02-07T12:19:46.674Z DEBUG modem >> Content-Length: 279
2022-02-07T12:19:46.707Z DEBUG modem >> ",279
2022-02-07T12:19:46.729Z DEBUG modem << OK
2022-02-07T12:19:46.731Z DEBUG modem << #XHTTPCREQ: 1
2022-02-07T12:19:56.042Z DEBUG modem >> {"meta":{...},"data":[...]}
2022-02-07T12:19:56.069Z DEBUG modem << ERROR
2022-02-07T12:19:56.072Z ERROR Error:{"meta":{...},"data":[...]}
failed
2022-02-07T12:19:56.092Z DEBUG modem << #XHTTPCREQ: 0
2022-02-07T12:19:56.111Z DEBUG modem << #XHTTPCREQ: -104
2022-02-07T12:19:56.113Z DEBUG modem << ERROR
2022-02-07T12:19:56.118Z DEBUG modem << #XDATAMODE: 0
2022-02-07T12:19:56.119Z DEBUG modem << #XHTTPCCON: 0
2022-02-07T12:20:05.708Z DEBUG modem << %CESQ: 27,1,3,0

Is this normal that the modem still return "OK" regardless of the 'timed out' .
What happen to the "XHTTPCREQ: -104" after payload send?

Thanks

Parents
  • 0

    Is it possible to run  LTE TraceCollector v2 preview with LTE Link Monitor?
    If not, how can I send the AT command to nRF9160.
    I still can not see any trace, and the filesize in side panel not growth.

    Here are steps for using trace collector:
    1. program     nrf9160_dk_board_controller_fw.hex to nRF52 in nRF9160DK.
    2. program SLM (with     CONFIG_NRF_MODEM_LIB_TRACE_ENABLED=y) to nRF91 in nRF9160DK.
    3. connect nrf9160 DK in TraceCollector, then start tracing with LIVE

    No trace shows in Wireshark...



    I try to use openssl to get the CA cert, but AT#XHTTPCCON still not connected after update the seg_tag.
    Just wonder what's the "Kubernetes Ingress Controller Fake Certificate" means in the following?

    openssl s_client -showcerts -connect gateway.dev.jawbonehealth.com:443 
CONNECTED(00000005)
depth=0 O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
 0 s:/O=Acme Co/CN=Kubernetes Ingress Controller Fake Certificate
   i:/O=Acme Co/CN=Kubernetes Ingress Controller Fake Certificate
-----BEGIN CERTIFICATE-----
MIIDbzCCAlegAwIBAgIQfStz7642v8lUvvWCwhUJ/jANBgkqhkiG9w0BAQsFADBL
.....


  • 0 in reply to TC

    Hi 
    I just found the different openssl version may cause the different result, I can get the similar result with yours in another computer.
    So, looks like server return 3 CA certs, and, I can pick either one for CA certificate in sec_tag, right?
    If it is, would you mind to try in your side for AT#XHTTPCCON=1,"gateway.dev.jawbonehealth.com",443,sec_tag?
    I believe I already try those CA certs but still not connected.


    Thanks

  • 0 in reply to TC

    Hi,

     

    With https_client, changed the hostname to match your wanted host.

    And issued the X1 root CA:

    https://letsencrypt.org/certs/isrgrootx1.pem

     

    this is the output:

    *** Booting Zephyr OS build v2.7.99-ncs1-rc1  ***
HTTPS client sample started
Certificate mismatch
Provisioning certificate
Waiting for network.. OK
Connecting to gateway.dev.jawbonehealth.com
Sent 79 bytes
Received 267 bytes

>        HTTP/1.1 401 Unauthorized

Finished, closing socket.

     

    Similar with SLM (reused sec_tag 42, which has X1 CA):

    AT#XHTTPCCON=1,"gateway.dev.jawbonehealth.com",443,42

#XHTTPCCON: 1

OK

AT#XHTTPCREQ="GET","/get?foo1=bar1&foo2=bar2",""

OK

#XHTTPCREQ: 0

#XHTTPCRSP:0,1

#XHTTPCRSP:0,1

     

    Kind regards,

    Håkon

Reply
  • 0 in reply to TC

    Hi,

     

    With https_client, changed the hostname to match your wanted host.

    And issued the X1 root CA:

    https://letsencrypt.org/certs/isrgrootx1.pem

     

    this is the output:

    *** Booting Zephyr OS build v2.7.99-ncs1-rc1  ***
HTTPS client sample started
Certificate mismatch
Provisioning certificate
Waiting for network.. OK
Connecting to gateway.dev.jawbonehealth.com
Sent 79 bytes
Received 267 bytes

>        HTTP/1.1 401 Unauthorized

Finished, closing socket.

     

    Similar with SLM (reused sec_tag 42, which has X1 CA):

    AT#XHTTPCCON=1,"gateway.dev.jawbonehealth.com",443,42

#XHTTPCCON: 1

OK

AT#XHTTPCREQ="GET","/get?foo1=bar1&foo2=bar2",""

OK

#XHTTPCREQ: 0

#XHTTPCRSP:0,1

#XHTTPCRSP:0,1

     

    Kind regards,

    Håkon

Children
No Data
Related
Terms of service