• State Verified Answer
  • +1 person also asked this people also asked this
  • Replies 13 replies
  • Subscribers 91 subscribers
  • Views 3247 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 283787
Options

HTTPS POST not working in SLM

TC

(For some reason, I use "...' replace the original string)
Here is the log for using AT to do HTTPS POST:


2022-02-07T12:19:39.057Z DEBUG modem >> AT#XHTTPCCON=1,"...",443
2022-02-07T12:19:40.057Z ERROR Error: 'AT#XHTTPCCON=1,"...",443
' timed out
2022-02-07T12:19:40.591Z DEBUG modem << #XHTTPCCON: 1
2022-02-07T12:19:40.594Z DEBUG modem << OK
2022-02-07T12:19:46.614Z DEBUG modem >> AT#XHTTPCREQ="POST","...","Content-Type: application/json
2022-02-07T12:19:46.640Z DEBUG modem >> Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZCI6eyJ1aWQiOjU3OCwiY29kZSI6ImVlNjNmZWI2LTA0YzMtNDM5Ni04OWI2LWExZDhjNzZhZDE0MSJ9LCJpc3MiOiJKSEhfVVNFUlMiLCJleHAiOjE2NDQyOTgwODAsInZlciI6MSwianRpIjoxODM4OX0.9uqBfMutUGyBaPIEwiP7AscgVMvUZwKSC9lqfAnDcEg
2022-02-07T12:19:46.674Z DEBUG modem >> Content-Length: 279
2022-02-07T12:19:46.707Z DEBUG modem >> ",279
2022-02-07T12:19:46.729Z DEBUG modem << OK
2022-02-07T12:19:46.731Z DEBUG modem << #XHTTPCREQ: 1
2022-02-07T12:19:56.042Z DEBUG modem >> {"meta":{...},"data":[...]}
2022-02-07T12:19:56.069Z DEBUG modem << ERROR
2022-02-07T12:19:56.072Z ERROR Error:{"meta":{...},"data":[...]}
failed
2022-02-07T12:19:56.092Z DEBUG modem << #XHTTPCREQ: 0
2022-02-07T12:19:56.111Z DEBUG modem << #XHTTPCREQ: -104
2022-02-07T12:19:56.113Z DEBUG modem << ERROR
2022-02-07T12:19:56.118Z DEBUG modem << #XDATAMODE: 0
2022-02-07T12:19:56.119Z DEBUG modem << #XHTTPCCON: 0
2022-02-07T12:20:05.708Z DEBUG modem << %CESQ: 27,1,3,0

Is this normal that the modem still return "OK" regardless of the 'timed out' .
What happen to the "XHTTPCREQ: -104" after payload send?

Thanks

Parents
  • 0

    Is it possible to run  LTE TraceCollector v2 preview with LTE Link Monitor?
    If not, how can I send the AT command to nRF9160.
    I still can not see any trace, and the filesize in side panel not growth.

    Here are steps for using trace collector:
    1. program     nrf9160_dk_board_controller_fw.hex to nRF52 in nRF9160DK.
    2. program SLM (with     CONFIG_NRF_MODEM_LIB_TRACE_ENABLED=y) to nRF91 in nRF9160DK.
    3. connect nrf9160 DK in TraceCollector, then start tracing with LIVE

    No trace shows in Wireshark...



    I try to use openssl to get the CA cert, but AT#XHTTPCCON still not connected after update the seg_tag.
    Just wonder what's the "Kubernetes Ingress Controller Fake Certificate" means in the following?

    openssl s_client -showcerts -connect gateway.dev.jawbonehealth.com:443 
CONNECTED(00000005)
depth=0 O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
 0 s:/O=Acme Co/CN=Kubernetes Ingress Controller Fake Certificate
   i:/O=Acme Co/CN=Kubernetes Ingress Controller Fake Certificate
-----BEGIN CERTIFICATE-----
MIIDbzCCAlegAwIBAgIQfStz7642v8lUvvWCwhUJ/jANBgkqhkiG9w0BAQsFADBL
.....


  • 0 in reply to TC

    Hi 
    I just found the different openssl version may cause the different result, I can get the similar result with yours in another computer.
    So, looks like server return 3 CA certs, and, I can pick either one for CA certificate in sec_tag, right?
    If it is, would you mind to try in your side for AT#XHTTPCCON=1,"gateway.dev.jawbonehealth.com",443,sec_tag?
    I believe I already try those CA certs but still not connected.


    Thanks

  • 0 in reply to TC

    Hi,

     

    With https_client, changed the hostname to match your wanted host.

    And issued the X1 root CA:

    https://letsencrypt.org/certs/isrgrootx1.pem

     

    this is the output:

    *** Booting Zephyr OS build v2.7.99-ncs1-rc1  ***
HTTPS client sample started
Certificate mismatch
Provisioning certificate
Waiting for network.. OK
Connecting to gateway.dev.jawbonehealth.com
Sent 79 bytes
Received 267 bytes

>        HTTP/1.1 401 Unauthorized

Finished, closing socket.

     

    Similar with SLM (reused sec_tag 42, which has X1 CA):

    AT#XHTTPCCON=1,"gateway.dev.jawbonehealth.com",443,42

#XHTTPCCON: 1

OK

AT#XHTTPCREQ="GET","/get?foo1=bar1&foo2=bar2",""

OK

#XHTTPCREQ: 0

#XHTTPCRSP:0,1

#XHTTPCRSP:0,1

     

    Kind regards,

    Håkon

  • 0 in reply to TC

    That was more clear it's not about CA issue.
    I'll try to let trace collector works first and check wha't going on.

    Just want to sync few information with your side:
    1. What's your SLM version and mfw version?
    2. How to check the current mfw ver?
    3. which network operator you are cnnect to?

    Thanks.

Reply Children
No Data
Related
Terms of service