This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

RTOS/DK-TM4C129X: Connect to cloud (https client ) - using proxy and tls

Expert 1255 points

Part Number: DK-TM4C129X

Tool/software: TI-RTOS

Hello,

I am using the base code as an example provided in ti rtos (though it is for another board) for establishing a https client on my target.

When the board it connected to ethernet, and i run the code, i get the error that host is not resolved.

To test, I tried to connect curl to my cloud server, and got the same error  host is not resolved. Then i set the proxy settings for curl and i am able to connect curl to cloud via proxy tunnel.

Now i want to do the same on my target, ie to set proxy. 

I am not able to find much documents or example on this. Can you please help, and guide me in the right direction. 

Thanks a lot

av

mcu : tm4c129xnczad

board: dk-tm4c129x

ide: ccs

  • Hello,

    Update:

    I was able to set the proxy settings on this board.

    I was able to do http get command from the target successfully.

    My next concern is regarding the httpS client. I understand that the wolfssl has to be downloaded separately, build and then linked to my project(pls correct if i'm wrong). But the wiki page doesn't mention my board in Supported targets and products section.

    Is it possible to create a HTTPS client on dk-tm4c129x??

     

    Please guide me on this

     

    Thanks a lot

    av

  • My expectation is that the DK-TM4C129X will support the same software Ethernet examples as the EK-TM4C1294EXL. Which WIKI page are you referring to?
  • Hi Bob,

    this is the wiki page:
    processors.wiki.ti.com/.../Using_wolfSSL_with_TI-RTOS

    I am trying to follow the steps given there to link wolfssl lib to my project. I want to make sure thst this is a viable solution before going forward with it.
    I believe these are the 2 methods: TI-RTOS supported TLS layers (i.e. SimpleLink and WolfSSL)
    Can we use simplelink tls instead wolfssl for this board?

    Thanks
    av
  • You should not have an issue as the TM4C129XNCZAD which is o the DK-TM4C129X is a superset of the TM4C129ENCPDT which is on the EK-TM4C129EXL.

    For the TI-RTOS SimpleLink part of your question I am transferring that part to the group that does that software.
  • The TLS with SimpleLink is down on the CC3100/CC3120 network processor. If you are using Ethernet, we currently only have WolfSSL examples/support. For specific questions about WolfSSL, we recommend you contact them directly.

    Todd
  • Hi

    I was trying to build the wolfssl as mentioned in the wiki page: http://processors.wiki.ti.com/index.php/Using_wolfSSL_with_TI-RTOS#Build_Instructions 

    my wolfssl version is 3.11.0

    but when i build it i get the following error regarding aes file

    i understand that i have to change the configuration in the settings.h.

     can me you tell me what is the correct configuration that has to be changed for ti rtos

    this is how my products.mak file looks

    #
    #  ======== products.mak ========
    #
    #
    # Read the http://processors.wiki.ti.com/index.php/Using_wolfSSL_with_TI-RTOS
    # for instructions to download the software required.
    
    # XDC_INSTALL_DIR is the path to XDCtools directory.
    XDC_INSTALL_DIR        = C:/ti/xdctools_3_32_00_06_core
    
    # BIOS_INSTALL_DIR is the path to TI-RTOS Kernel (SYS/BIOS) directory. If you
    # have installed TI-RTOS, it is located in the products/bios_* path.
    BIOS_INSTALL_DIR       = C:/ti/tirtos_tivac_2_16_01_14/products/bios_6_45_02_31
    
    # NDK_INSTALL_DIR is the path to TI-RTOS NDK directory. If you have
    # installed TI-RTOS, it is located in the products/ndk_* path.
    NDK_INSTALL_DIR        = C:/ti/tirtos_tivac_2_16_01_14/products/ndk_2_25_00_09
    
    # TIVAWARE_INSTALL_DIR is the path to Tivaware driverlib directory. If you have
    # installed TI-RTOS, it is located in the products/TivaWare_* path.
    TIVAWARE_INSTALL_DIR   = C:/ti/tirtos_tivac_2_16_01_14/products/TivaWare_C_Series-2.1.1.71b
    
    export XDCTOOLS_JAVA_HOME = C:/ti/ccsv6/eclipse/jre
    # Define the code generation tools path for TI, IAR and GCC ARM compilers.
    # If you have installed Code Composer Studio, the TI and GCC compiler are
    # located in the ccsv*/tools/compiler/* path.
    #
    # Leave assignment empty to disable any toolchain.
    ti.targets.arm.elf.M4F = C:/ti/ccsv6/tools/compiler/ti-cgt-arm_16.6.0.STS
    iar.targets.arm.M4F    =
    gnu.targets.arm.M4F    =
    

    Thanks a lot

    av

  • a.v said:
    my wolfssl version is 3.11.0

    Our WolfSSL support for Tiva is limited to WolfSSL v3.9.6w. You can download that version (GPL licensed) of WolfSSL from their github.

    Hope this helps.

    Vikram

  • Hi Vikram,

    I am stiil facing the same error after trying with version 3.9.6.w of wolfssl.

    Can u suggest the correct configuration of the products.mak file and the solution to overcome this error.

    UPDATE:

    i was able build the wolfssl correctly following this link:  https://github.com/wolfSSL/wolfssl-examples/tree/master/tirtos_ccs_examples

    My board is DK-TM4C129X

    there is no example which i can use directly from resource explorer.

    i have followed the above link and was able to build a https get project for my board without error.

    but

    when i run this i get an error 

    httpsTask: TLS create failed

     

    i understand while using wolfssl on this board needs the certificate to be saved as a string.

    uint8_t ca[] ="line1"
    "line2"
    "line3"
    "and so on"; TLS_Params tlsParams; TLS_Handle tls; TLS_Params_init(&tlsParams); tlsParams.ca = ca;//storage; tlsParams.calen = strlen((const char*)ca);//strlen(SL_SSL_CA_CERT_FILE_NAME); UARTprintf("ca=%s\n\n\r%d\n\r",tlsParams.ca,tlsParams.calen); tls = TLS_create(TLS_METHOD_CLIENT_TLSV1_2, &tlsParams, NULL); if (!tls) { UARTprintf("httpsTask: TLS create failed"); } cli.tls = tls; cli_handle->tls=tls;

    is this the right format??

    Please suggest

     

    thanks

    av

  • TLS_create() can fail for two reasons:

    1. Input CA certificate is wrong.
    Make sure you are using the correct CA certificate and replace "line1" "line2" with actual CA certificate in your application.

    2. System clock time is wrong.
    The httpsget example uses SNTP to set-up System Clock (using Seconds_set()). Time is required by the wolfSSL stack to validate the
    certificates. Is the System Clock set in your application?

    Vikram
  • Hi Vikram;

    i had entered the certificate as such: my certificate geo trust golbal ca

    uint8_t ca[] ="MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT\

    MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i\

    YWwgQ0EwHhcNMDIwNTIxMDQwMDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQG\

    EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSR2VvVHJ1c3Qg\

    R2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2swYYzD9\

    9BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjoBbdq\

    fnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDv\

    iS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU\

    1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+\

    bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5aszPeE4uwc2hGKceeoW\

    MPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTA\

    ephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1l\

    uMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKIn\

    Z57QzxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfS\

    tQWVYrmm3ok9Nns4d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcF\

    PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un\

    hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV\

    5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw==";

    with back slash at the end

    i have added start sntp function now, but it waits forever on the semhandle semaphore.

    if i comment this semaphore pend out i get current time as Current time: Thu Jan  1 00:00:00 1970

    AND 

    later code crashes at tls create.

     

    this is my code format

    #include <ti/net/sntp/sntp.h>

    #define NTP_HOSTNAME "129.6.15.28"
    #define NTP_PORT "123"
    #define NTP_SERVERS 3
    #define NTP_SERVERS_SIZE (NTP_SERVERS * sizeof(struct sockaddr_in))

    uint8_t ca[] ="MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT\
    MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i\
    YWwgQ0EwHhcNMDIwNTIxMDQwMDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQG\
    EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSR2VvVHJ1c3Qg\
    R2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2swYYzD9\
    9BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjoBbdq\
    fnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDv\
    iS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU\
    1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+\
    bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5aszPeE4uwc2hGKceeoW\
    MPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTA\
    ephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1l\
    uMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKIn\
    Z57QzxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfS\
    tQWVYrmm3ok9Nns4d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcF\
    PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un\
    hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV\
    5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw==";

    my final aim is to connect to google firebase cloud. 

    Any help is appreciated

    thanks a lot

    av

  • Can you please share your code? I would like to try it on my set-up.

    I would like to see why your application in hanging on a semaphore. Also, I would make sure the ntp address is valid (use pool.ntp.org instead). 

    a.v said:

    AND 

    later code crashes at tls create.

    Are there any crash messages on the console? Can you check ROV (in CCS debug mode, select Tools > ROV)? Do you have sufficient heap (check BIOS.heapSize in your application cfg file)?

    Vikram

  • Hi Vikram
    Yes , i can share my code, can i u suggest a way i can send it to you personally?
    Thanks a lot
    av
  • Preferred option is to send me an example project that can reproduce your issue. You can then attach the project here.

    The other option is to direct message me through e2e messages.

    Vikram
  • Hi Vikram,

    This is the screenshot where it crashes. and also the serial output screen

    I will send the code as a private msg as soon as possible.

    Thanks a lot

    av

  • looks like you are hitting stack overflow. Make sure your task has enough stack size.

    Vikram

  • Hi viikram,

    #define TCPHANDLERSTACK 2048

    #define HTTPTASKSTACKSIZE 8192

    i have provided enough space, but still this occurs..

    i will send my code

    thanks

    av

  • The stack needed for woflSSL is much bigger than 8K. Please refer the httpsget example.

    Vikram
  • Hi Vikram

    I have taken the https get example for ek- tm4c129exl and converted it for my board dk-tm4c129x...the code is untouched except for the addition of the certificate. But i get the error as follows:

    this is the code

    httpsget_EK_TM4C129EXL_TI_TivaTM4C129ENCPDT.rar

    i am behind a proxy, so when i made the http client code for my board i had added proxy

    as such, and this was connecting to the website and doing get and post perfectly:

    struct sockaddr_in paddr;
    paddr.sin_family = AF_INET;
    paddr.sin_port = htons(PROXY_PORT);
    paddr.sin_addr.s_addr=inet_addr1(PROXY_IP);
    HTTPCli_setProxy((struct sockaddr *)&paddr);

    struct addrinfo hints;
    struct addrinfo *addrs;
    memset(&hints, 0, sizeof(struct addrinfo));
    hints.ai_family = AF_INET;
    ret = getaddrinfo(HOSTNAME, "0", &hints, &addrs);
    if (ret != 0)
    {
    // return (HTTPCli_EHOSTNAME);
    }
    *((struct sockaddr *)&addr) = *(addrs->ai_addr);
    addr.sin_port = htons(HOST_PORT);

    do i need to add proxy setting for stnp function as well

    please guide

    thanks

    av

  • a.v said:

    struct addrinfo hints;
    struct addrinfo *addrs;
    memset(&hints, 0, sizeof(struct addrinfo));
    hints.ai_family = AF_INET;
    ret = getaddrinfo(HOSTNAME, "0", &hints, &addrs);
    if (ret != 0)
    {
    // return (HTTPCli_EHOSTNAME);
    }
    *((struct sockaddr *)&addr) = *(addrs->ai_addr);
    addr.sin_port = htons(HOST_PORT);

    do i need to add proxy setting for stnp function as well

    We don't have proxy support in our SNTP module and as far as I know the NTP servers in a proxy/firewall based networks are local. You may have to check with your IT team to find the address of the local NTP server. Using the local NTP server should resolve the issue.

    Vikram

  • Hi Vikram

    it seems i havent got much support from the IT team regarding the ntp server address.

    But for the time being as a work around is there a way to set the device time manually as in the cc3200 device:

    ex in cc3200 we had this option:

    SlDateTime_t dt;
    dt.sl_tm_day = 6;
    dt.sl_tm_mon = 1;
    dt.sl_tm_year =2017;
    dt.sl_tm_hour = 12;
    dt.sl_tm_min = 34;
    dt.sl_tm_sec = 45;
    sl_DevSet(SL_DEVICE_GENERAL_CONFIGURATION,
    SL_DEVICE_GENERAL_CONFIGURATION_DATE_TIME,
    sizeof(SlDateTime_t), (unsigned char *)(&dt));

    Is there a way to set device time manually for this board?

    Thanks 

    av

  • You can use the Seconds_set() function to set the time manually. The input to this function is time in seconds since epoch. I generally use the following website to get the epoch time - www.epochconverter.com/

    The header for this function is already included in your code as you tried to use the same function through SNTP. So, build should not be a problem.

    Vikram