Need help with verifyCertChain and some SSL certificates
Posted: Thu Feb 08, 2018 5:08 pmHello,
I'm working with Arduino IDE. I have connected to an ESP-01 some sensors and write data to a php script at my home page and than to a MySQL database. Also MQTT is working. Now I want to secure the access to the web servers. At first I tried the version with fingerprints. This is working, but the certificates has to be renewed sometimes with updating the firmware. So I tried the example HTTPSRequestCACert. With the given address api.github.com and the included certificate it is working. So I have extracted the certificate from my provider and it doesn't work. So I have tried some other addresses to test if my way is right. For example the certificates from ebay, paypal, cloudmqtt are successful verified. But some addresses that I have tried are not successful verified, also the certificate from my providers ssl proxy https://ssl.webpack.de is not working. The return code at:
is 0.
I have only adapted the source and the certificate from the example that is included in the esp8266 package for arduino IDE. The way is the same, I'm extracting the DER-certificate in the browser and than I thansfer this to a linux system an I'm running:
Has anyone an idea what to do?
Regards Michael
I'm working with Arduino IDE. I have connected to an ESP-01 some sensors and write data to a php script at my home page and than to a MySQL database. Also MQTT is working. Now I want to secure the access to the web servers. At first I tried the version with fingerprints. This is working, but the certificates has to be renewed sometimes with updating the firmware. So I tried the example HTTPSRequestCACert. With the given address api.github.com and the included certificate it is working. So I have extracted the certificate from my provider and it doesn't work. So I have tried some other addresses to test if my way is right. For example the certificates from ebay, paypal, cloudmqtt are successful verified. But some addresses that I have tried are not successful verified, also the certificate from my providers ssl proxy https://ssl.webpack.de is not working. The return code at:
Code: Select all
int success = client.verifyCertChain(host);is 0.
I have only adapted the source and the certificate from the example that is included in the esp8266 package for arduino IDE. The way is the same, I'm extracting the DER-certificate in the browser and than I thansfer this to a linux system an I'm running:
Code: Select all
xxd -i GlobalSignRootCA.der CACert_webpack.inoHas anyone an idea what to do?
Regards Michael