
By berkutta
#63506 I'm trying to get an SSL server running on the ESP8266. I'm using the newest ESP8266 RTOS SDK from their GitHub repo.

My code:
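/*
 * Canned HTTP/1.1 response returned to a client that sends a GET request.
 *
 * Content-Length has to equal the number of body bytes after the blank line.
 * The HTML below is exactly 98 bytes, so nothing is appended after
 * "</html>\r\n" (a trailing CRLF there would make the body two bytes longer
 * than declared).
 *
 * sizeof() on this literal also counts the terminating NUL; write
 * sizeof - 1 (or strlen) bytes so the NUL does not end up on the wire.
 */
#define OPENSSL_DEMO_SERVER_ACK "HTTP/1.1 200 OK\r\n" \
                                "Content-Type: text/html\r\n" \
                                "Content-Length: 98\r\n\r\n" \
                                "<html>\r\n" \
                                "<head>\r\n" \
                                "<title>OpenSSL demo</title></head><body>\r\n" \
                                "OpenSSL server demo!\r\n" \
                                "</body>\r\n" \
                                "</html>\r\n"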

/* Not referenced in the code shown here; presumably a TLS fragment/buffer
   size handed to the SSL layer elsewhere - TODO confirm. */
#define OPENSSL_DEMO_FRAGMENT_SIZE 8192
/* Log tag string; not referenced in the code shown here. */
#define TAG "SSL_DEMO"
/* Task name, stack size and priority. None of the three is referenced in the
   code shown here; presumably they are passed to the task-creation call -
   TODO confirm. "PRORIOTY" is a misspelling of PRIORITY; the name is left
   as-is because code outside this listing may refer to it. */
#define OPENSSL_DEMO_THREAD_NAME        "OpenSSL_demo"
#define OPENSSL_DEMO_THREAD_STACK_WORDS 10240
#define OPENSSL_DEMO_THREAD_PRORIOTY    8
/* Size in bytes of the receive buffers declared with this constant. */
#define OPENSSL_DEMO_RECV_BUF_LEN       1024
/* TCP port the server socket is bound to. */
#define OPENSSL_DEMO_LOCAL_TCP_PORT 443

/* LOCAL is not defined in this listing; presumably the SDK's alias for
   `static` - TODO confirm. */

/* Task handle; not referenced in the code shown here. */
LOCAL xTaskHandle openssl_handle;

/* NOTE(review): OPENSSL_DEMO_REQUEST is not defined anywhere in this listing,
   so this line only compiles if the macro comes from elsewhere. The
   file-scope send_data, send_bytes and recv_buf below are shadowed by
   same-named locals inside openssl_demo_thread(), which never touches these
   copies. */
LOCAL char send_data[] = OPENSSL_DEMO_REQUEST;
LOCAL int send_bytes = sizeof(send_data);

LOCAL char recv_buf[OPENSSL_DEMO_RECV_BUF_LEN];

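/*
 * TLS server task.
 *
 * Creates a TLS 1.2 server context, loads the certificate and private key,
 * listens on OPENSSL_DEMO_LOCAL_TCP_PORT and then serves clients one at a
 * time: accept, TLS handshake, read until a "GET ... HTTP/1.1" request is
 * seen, answer with OPENSSL_DEMO_SERVER_ACK, close, accept again.
 *
 * The accept loop never ends on its own; a failed accept() or handshake only
 * drops that connection and loops back. Setup failures (context, certificate,
 * key, socket, bind, listen) and a failed SSL_new() release what was acquired
 * and delete the calling task.
 *
 * demo_crt, demo_key and their lengths are defined outside this listing.
 * NOTE(review): a private key compiled into the firmware image is shared by
 * every device flashed with it and can be read back from flash; acceptable
 * for a demo, not for a deployed product.
 *
 * @param p  Task argument; unused.
 */
static void openssl_demo_thread(void *p)
{
    int ret;

    SSL_CTX *ctx;
    SSL *ssl;

    /* Named *_sockfd so the locals cannot shadow socket(): with a plain
       function declaration in scope, `socket = socket(...)` does not compile. */
    int sockfd, new_sockfd;
    socklen_t addr_len;
    struct sockaddr_in sock_addr;

    char recv_buf[OPENSSL_DEMO_RECV_BUF_LEN];

    const char send_data[] = OPENSSL_DEMO_SERVER_ACK;
    /* sizeof counts the terminating NUL; do not send it to the client. */
    const int send_bytes = sizeof(send_data) - 1;

    (void)p;

    os_printf("SSL server context create ......");
    /* Pinned to TLS 1.2. TLS_server_method() would negotiate the version
       instead, which some old browsers without TLS 1.2 support may need. */
    ctx = SSL_CTX_new(TLSv1_2_server_method());
    if (!ctx) {
        os_printf("failed");
        goto failed1;
    }
    os_printf("OK");

    /* Only the lengths are logged. The buffer itself is no longer printed
       with "%s": it is described by an explicit length, and if it is DER or
       lacks a terminating NUL, "%s" would read past its end. */
    os_printf("CRT length: %d, PRV length: %d\n", demo_crt_len, demo_key_len);

    os_printf("SSL server context set own certification......");
    ret = SSL_CTX_use_certificate_ASN1(ctx, demo_crt_len, demo_crt);
    if (!ret) {
        os_printf("failed");
        goto failed2;
    }
    os_printf("OK");

    os_printf("SSL server context set private key......");
    ret = SSL_CTX_use_PrivateKey_ASN1(0, ctx, demo_key, demo_key_len);
    if (!ret) {
        os_printf("failed");
        goto failed2;
    }
    os_printf("OK");

    os_printf("SSL server create socket ......");
    sockfd = socket(AF_INET, SOCK_STREAM, 0);
    if (sockfd < 0) {
        os_printf("failed");
        goto failed2;
    }
    os_printf("OK");

    os_printf("SSL server socket bind ......");
    memset(&sock_addr, 0, sizeof(sock_addr));
    sock_addr.sin_family = AF_INET;
    sock_addr.sin_addr.s_addr = 0;  /* 0.0.0.0: listen on every interface */
    sock_addr.sin_port = htons(OPENSSL_DEMO_LOCAL_TCP_PORT);
    ret = bind(sockfd, (struct sockaddr *)&sock_addr, sizeof(sock_addr));
    if (ret) {
        os_printf("failed");
        goto failed3;
    }
    os_printf("OK");

    os_printf("SSL server socket listen ......");
    ret = listen(sockfd, 32);
    if (ret) {
        os_printf("failed");
        goto failed3;
    }
    os_printf("OK");

reconnect:
    os_printf("SSL server create ......");
    ssl = SSL_new(ctx);
    if (!ssl) {
        os_printf("failed");
        goto failed3;
    }
    os_printf("OK");

    os_printf("SSL server socket accept client ......");
    /* accept() reads *addr_len as the capacity of the address buffer, so it
       must be set before every call; it was previously uninitialized. */
    addr_len = sizeof(sock_addr);
    new_sockfd = accept(sockfd, (struct sockaddr *)&sock_addr, &addr_len);
    if (new_sockfd < 0) {
        os_printf("failed" );
        goto failed4;
    }
    os_printf("OK");

    SSL_set_fd(ssl, new_sockfd);

    os_printf("SSL server accept client ......");
    ret = SSL_accept(ssl);
    /* In the OpenSSL API only 1 means the handshake completed; 0 and
       negative values are both failures, so `!ret` let negative results
       through as success. */
    if (ret <= 0) {
        os_printf("failed");
        goto failed5;
    }
    os_printf("OK");

    os_printf("SSL server read message ......");
    do {
        /* Zero the buffer and read at most LEN - 1 bytes so the data is
           always NUL-terminated for the string functions below. */
        memset(recv_buf, 0, sizeof(recv_buf));
        ret = SSL_read(ssl, recv_buf, OPENSSL_DEMO_RECV_BUF_LEN - 1);
        if (ret <= 0) {
            break;
        }
        /* NOTE(review): this writes the decrypted request to the log, which
           can include cookies or Authorization headers. */
        os_printf("SSL read: %s", recv_buf);
        if (strstr(recv_buf, "GET ") &&
            strstr(recv_buf, " HTTP/1.1")) {
            os_printf("SSL get matched message");
            os_printf("SSL write message");
            ret = SSL_write(ssl, send_data, send_bytes);
            if (ret > 0) {
                os_printf("OK");
            } else {
                os_printf("error");
            }
            break;
        }
    } while (1);

    SSL_shutdown(ssl);
    /* Cleanup ladder: each label releases one resource and falls through to
       the next. failed5/failed4 end one connection and loop back to accept
       the next client; failed3..failed1 tear the server down. */
failed5:
    close(new_sockfd);
    new_sockfd = -1;
failed4:
    SSL_free(ssl);
    ssl = NULL;
    goto reconnect;
failed3:
    close(sockfd);
    sockfd = -1;
failed2:
    SSL_CTX_free(ctx);
    ctx = NULL;
failed1:
    vTaskDelete(NULL);  /* NULL: delete the calling task */
    return ;
}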


It fails in "SSL_CTX_use_certificate_ASN1". The call does not return a failure; it crashes with an exception: I only get the printf before it, and neither "OK" nor "failed" is printed afterwards.

Surprisingly, this code works flawlessly on the ESP32 with the same cert (handled via the same .h file definitions).
By egper
#68514 Hi.
For days now I have been trying to run an HTTPS server on the ESP8266.
I'm sorry I have no answer for your question, I hope you have been able to solve it.
I compiled and uploaded to the device the SSL_server_demon code included in esp8266-rtos-sample-code, using ESP8266 RTOS SDK V1.5.0, but although it initiates the communication, it does not send the HTML code to the browser.
I have been a C programmer for years, but I could not fix the several problems in the provided code because the source code of several libraries is not available.
Do you know where I can find an HTTPS server that works on ESP8266?
I cannot find another program on Google.

Thank you.