-->
Page 1 of 1

Can't make GET request work on TLS/SSL connection

PostPosted: Wed Feb 15, 2017 1:05 pm
by Ray Alderman
All,

So I'm trying to establish a TLS/SSL connection to a server and then making a GET request with a required Auth header.

first attempt at using WiFiClientSecure and first attempt at using ESP8266HTTPClient.

I think I am getting a good TLS connection but the GET request is failing and I get a HTTP response 400,

"400 Bad Request
The server cannot or will not process the request due to an apparent client error"

I need to send the "X-Amt-Auth" header with the long key to show really, I'm allowed to get this data.

could not find an example of using ESP8266HTTPClient to send a GET request with a header. Any suggestions on what I'm doing wrong here?

Code: Select all/*
 *  HTTP over TLS (HTTPS) example sketch
 *
 *  This example demonstrates how to use
 *  WiFiClientSecure class to access HTTPS API.
 *  We fetch and display the status of
 *  esp8266/Arduino project continuous integration
 *  build.
 *
 *  Created by Ivan Grokhotkov, 2015.
 *  This example is in public domain.
 */

#include <ESP8266WiFi.h>
#include <WiFiClientSecure.h>
#include <ESP8266HTTPClient.h>

const char* ssid = "xxx";
const char* password = "123";

const char* host = "zzz.org";
const int httpsPort = 443;
String url = "/wp-json/amt/v1/rfids/active";


void setup() {
  Serial.begin(115200);
  Serial.println();
  Serial.print("connecting to ");
  Serial.println(ssid);

  // logging into the wifi router
 
  WiFi.begin(ssid, password);
  while (WiFi.status() != WL_CONNECTED) {
    delay(500);
    Serial.print(".");
  }
  Serial.println("");
  Serial.println("WiFi connected");

  // at this point connected to the wifi router

  // Use WiFiClientSecure class to create TLS connection to host server on port httpsPort
 
  WiFiClientSecure client;
  Serial.print("connecting to ");
  Serial.println(host);
  if (!client.connect(host, httpsPort)) {
    Serial.println("connection failed");
    return;
  }

  // at this point established a TLS connection to the host on port httpsPort
   
 
  Serial.println();

  HTTPClient http;
  delay(100);
 
  http.begin(host, httpsPort, url);
  http.addHeader("X-Amt-Auth", "12345678");
  int httpCode = http.GET();
  if(httpCode > 0) {
            // HTTP header has been send and Server response header has been handled
            Serial.printf("[HTTP] GET... code: %d\n", httpCode);

            // file found at server
            if(httpCode == HTTP_CODE_OK) {
                String payload = http.getString();
                Serial.println(payload);
            }
        } else {
            Serial.printf("[HTTP] GET... failed, error: %s\n", http.errorToString(httpCode).c_str());
        }

        http.end();
 
 
} // setup

void loop() {
}

Re: Can't make GET request work on TLS/SSL connection

PostPosted: Wed Feb 15, 2017 2:34 pm
by martinayotte
Your code is instantiating a WiFiClientSecure, but you do nothing with it, so, it is pretty useless.
Also, the HTTPClient isn't in TLS, although you provide 443 port, you need to use the right begin(), the one for TLS :

Code: Select allbool HTTPClient::begin(String host, uint16_t port, String uri, bool https, String httpsFingerprint)


The fingerprint of the server can be copied/pasted from a browser by viewing certificate.

Re: Can't make GET request work on TLS/SSL connection

PostPosted: Wed Feb 15, 2017 3:36 pm
by Ray Alderman
[quote="martinayotte"]Your code is instantiating a WiFiClientSecure, but you do nothing with it, so, it is pretty useless.
Also, the HTTPClient isn't in TLS, although you provide 443 port, you need to use the right begin(), the one for TLS :

Code: Select allbool HTTPClient::begin(String host, uint16_t port, String uri, bool https, String httpsFingerprint)


Thanks. I've aded the correct begin with strings of host, uri and fingerprint.

I'm now crashing the ESP8266 and getting a reset with Exception (29):

Exception (29):
epc1=0x4000e1b2 epc2=0x00000000 epc3=0x00000000 excvaddr=0x00000008 depc=0x00000000

Progress!

Trying various things but not finding an answer - is there another way to get a SSL GET request with a header?

Re: Can't make GET request work on TLS/SSL connection

PostPosted: Wed Feb 15, 2017 4:16 pm
by martinayotte