• State Resolved
  • Locked Locked
  • Replies 6 replies
  • Answers 1 answer
  • Subscribers 40 subscribers
  • Views 392 views
  • Users 0 members are here
Support feedback
Options
Options
Related

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

CC3235MODAS: SimpleLinkNetAppRequestEventHandler, Not getting event with https

Tejas Thaker
Prodigy 180 points
Part Number: CC3235MODAS
Other Parts Discussed in Thread: UNIFLASH, CC3235S

Hi TI Experts,

i'm using the SimpleLinkNetAppRequestEventHandler to handle the GET/POST request from the HTML page. So fat it is working fine with the http server, but now When I have enabled the secure http server from the Uniflash and after this I am not able to receive the any events in SimpleLinkNetAppRequestEventHandler for POST request. 

What am I doing wrong?   

Thanks

  • 0
    TI__Guru 63006 points

    Are you able to run the Local OTA example? This one is using the POST request and by default uses the secure connection.

    If you set the certificate and key correctly - this would just work. You will also need to set the SL_NETAPP_HTTP_PRIMARY_PORT_SECURITY_MODE.

    See example for code to enable the HTTP server:

    typedef struct
{
    uint16_t primaryPort;   /* set to primary port or 0 to use default (80) */
    uint16_t secondaryPort; /* set to secondary port or 0 to use default (no secondary) */
    char *pServerCert;      /* set to HTTPS server's certificate, or to NULL (when using HTTP) */
    char *pServerKey;       /* set to HTTPS server's private key (null when usign HTTP) */
    char *pClientRootCa;    /* set to Client root CA (if needed), or to NULL (if not needed) */
} HTTPSRV_IF_params_t;
 
//*****************************************************************************
//
//! \brief  This function configures the HTTPS server
//!
//! \param  pServerCert         Server's Certificate filename (NULL if no security is needed)
//!
//! \param  pServerKey          Server's Private Key filename
//!
//! \param  pClientRootCACert   Clients' root CA (if client authentication is needed)
//!
//! \return NetApp error codes or 0 upon success.
//!
//*****************************************************************************
int HTTPSRV_IF_config(HTTPSRV_IF_params_t *pSrvParams)
{
    int rc = 0;
    int status = 0;
    SlFsFileInfo_t FsFileInfo;
    uint16_t primaryPort = DEFAULT_HTTP_SRV_PORT;
    uint16_t secondaryPort = 0;
    uint8_t securityMode = 0;
    uint8_t secondaryPortEnable = 0;

    /* By default - only set primary to HTTP (not secure) port
     */


    if(pSrvParams)
    {
        /* Update the primary/secondary ports if needed */
        if(pSrvParams->primaryPort != 0)
        {
            primaryPort = pSrvParams->primaryPort;
        }
        secondaryPort = pSrvParams->secondaryPort;

        /* Check for HTTPS params */
        if(pSrvParams->pServerCert)
        {
            LOG_DEBUG("Configure Server for secured mode...");
            securityMode = 1;
            /* Check if the file used for SSL exists in the FS */
            status = sl_FsGetInfo((const uint8_t *)pSrvParams->pServerCert, 0, &FsFileInfo);
            if(status < 0)
            {
                if (status == SL_ERROR_FS_FILE_NOT_EXISTS)
                {
                    LOG_ERROR("File %s status=SL_ERROR_FS_FILE_NOT_EXISTS\r\n",pSrvParams->pServerCert);
                }
                else
                {
                    LOG_ERROR("Error sl_FsOpen %s, Status=%d\r\n", pSrvParams->pServerCert, status);
                }
                return status;
            }
            /* Check if the file used for SSL key exists in the FS */
            status = sl_FsGetInfo((const uint8_t *)pSrvParams->pServerKey, 0, &FsFileInfo);
            if(status < 0)
            {
                if (status == SL_ERROR_FS_FILE_NOT_EXISTS)
                {
                    LOG_ERROR("File %s status=SL_ERROR_FS_FILE_NOT_EXISTS\r\n",pSrvParams->pServerKey);
                }
                else
                {
                    LOG_ERROR("Error sl_FsOpen %s, Status=%d\r\n", pSrvParams->pServerKey, status);
                }
                return status;
            }
            /* Set the file names used for SSL key exchange */
            setNetAppHttp(&rc, SL_NETAPP_HTTP_DEVICE_CERTIFICATE_FILENAME,
                          strlen((char *)pSrvParams->pServerCert), (const uint8_t *)pSrvParams->pServerCert);

            setNetAppHttp(&rc, SL_NETAPP_HTTP_PRIVATE_KEY_FILENAME,
                          strlen((char *)pSrvParams->pServerKey), (const uint8_t *)pSrvParams->pServerKey);

            if(pSrvParams->pClientRootCa)
            {
                setNetAppHttp(&rc, SL_NETAPP_HTTP_CA_CERTIFICATE_FILE_NAME,
                              strlen((char *)pSrvParams->pClientRootCa), (const uint8_t *)pSrvParams->pClientRootCa);
            }
        }
    }
    setNetAppHttp(&rc, SL_NETAPP_HTTP_PRIMARY_PORT_NUMBER,
                  sizeof(primaryPort), (uint8_t *)&primaryPort);
    if(secondaryPort)
    {
        /* Enable secondary HTTP port (can only be used for redirecting
         connections to the secure primary port) */
        setNetAppHttp(&rc, SL_NETAPP_HTTP_SECONDARY_PORT_NUMBER,
                      sizeof(secondaryPort), (uint8_t *)&secondaryPort);
        secondaryPortEnable = 1;
    }
    setNetAppHttp(&rc,
                  SL_NETAPP_HTTP_SECONDARY_PORT_ENABLE,
                  sizeof(secondaryPortEnable),
                  &secondaryPortEnable);

    setNetAppHttp(&rc,
                  SL_NETAPP_HTTP_PRIMARY_PORT_SECURITY_MODE,
                  sizeof(securityMode),
                  &securityMode);

    if(rc >= 0)
    {
        rc = sl_NetAppStop(SL_NETAPP_HTTP_SERVER_ID);
        LOG_DEBUG("HTTP Server Stopped");

        rc = sl_NetAppStart(SL_NETAPP_HTTP_SERVER_ID);
        while (rc == SL_ERROR_HTTP_SERVER_ENABLE_FAILED)
        {
            sleep(1);
            rc = sl_NetAppStart(SL_NETAPP_HTTP_SERVER_ID);
        }

        LOG_DEBUG("HTTP Server Re-started");
    }
    return rc;
}

  • 0 in reply to Kobi Leibovitch
    Prodigy 180 points

    Hi,

    Thanks for your prompt reply. I am using the cloud_ota as a reference code. Here I have attached the function which I have used to make secure server and it is working properly and able to access the https server without any problem and also able to add and remove the profile functionality, But after doing this I am not getting any PUT request from the html page which I have used for device configuration parameter.

    int32_t ConfigureHttpsServer(void)
{
    int32_t retVal = 0;
    int32_t status = 0;
    uint8_t httpsPort[] = { 0xBB, 0x01 }; /* 0x1BB = 443 */
    uint8_t secondaryPort[] = { 0x50, 0x00 }; /* 0x050 = 80 */
    uint8_t secondaryPortEnable[] = { 0x1 };
    uint8_t securityMode = 1;
    SlFsFileInfo_t FsFileInfo;

    UART_PRINT("ConfigureHttpsServer for secured mode...\n\r");

    /* Check if the file used for SSL exists in the FS */
    status = sl_FsGetInfo((const uint8_t*) SSL_SERVER_CERT, 0, &FsFileInfo);
    if (status < 0)
    {
        if (status == SL_ERROR_FS_FILE_NOT_EXISTS)
        {
            UART_PRINT(
                    " [ERROR] File %s status=SL_ERROR_FS_FILE_NOT_EXISTS\r\n",
                    SSL_SERVER_CERT);
        }
        else
        {
            UART_PRINT(" [ERROR] Error sl_FsOpen %s, Status=%d\r\n",
            SSL_SERVER_CERT,
                       status);
        }
        return status;
    }
    /* Check if the file used for SSL key exists in the FS */
    status = sl_FsGetInfo((const uint8_t*) SSL_SERVER_KEY, 0, &FsFileInfo);
    if (status < 0)
    {
        if (status == SL_ERROR_FS_FILE_NOT_EXISTS)
        {
            UART_PRINT(
                    " [ERROR] File %s status=SL_ERROR_FS_FILE_NOT_EXISTS\r\n",
                    SSL_SERVER_KEY);
        }
        else
        {
            UART_PRINT(" [ERROR] Error sl_FsOpen %s, Status=%d\r\n",
            SSL_SERVER_KEY,
                       status);
        }
        return status;
    }

    /* Set the file names used for SSL key exchange */
    SetNetAppHttp(&retVal, SL_NETAPP_HTTP_DEVICE_CERTIFICATE_FILENAME,
                  strlen((char*) SSL_SERVER_CERT),
                  (const uint8_t*) SSL_SERVER_CERT);

    SetNetAppHttp(&retVal,
    SL_NETAPP_HTTP_PRIVATE_KEY_FILENAME,
                  strlen((char*) SSL_SERVER_KEY),
                  (const uint8_t*) SSL_SERVER_KEY);

    /* Activate SSL security on primary HTTP port and change it to
     443 (standard HTTPS port) */
    SetNetAppHttp(&retVal,
    SL_NETAPP_HTTP_PRIMARY_PORT_SECURITY_MODE,
                  sizeof(securityMode), &securityMode);

    SetNetAppHttp(&retVal,
    SL_NETAPP_HTTP_PRIMARY_PORT_NUMBER,
                  sizeof(httpsPort), httpsPort);

    /* Enable secondary HTTP port (can only be used for redirecting
     connections to the secure primary port) */
    SetNetAppHttp(&retVal,
    SL_NETAPP_HTTP_SECONDARY_PORT_NUMBER,
                  sizeof(secondaryPort), secondaryPort);

    SetNetAppHttp(&retVal,
    SL_NETAPP_HTTP_SECONDARY_PORT_ENABLE,
                  sizeof(secondaryPortEnable), secondaryPortEnable);

    if (retVal >= 0)
    {
        retVal = sl_NetAppStop(SL_NETAPP_HTTP_SERVER_ID);
        UART_PRINT("[Provisioning App] HTTP Server Stopped\n\r");

        retVal = sl_NetAppStart(SL_NETAPP_HTTP_SERVER_ID);
        if (retVal == SL_ERROR_HTTP_SERVER_ENABLE_FAILED)
        {
            do
            {
                sleep(1);
                retVal = sl_NetAppStart(SL_NETAPP_HTTP_SERVER_ID);
            }
            while (retVal == SL_ERROR_HTTP_SERVER_ENABLE_FAILED);
        }

        UART_PRINT("[Provisioning App] HTTP Server Re-started\n\r");
    }
    return retVal;
}

  • 0 in reply to Tejas Thaker
    TI__Guru 63006 points

    cloud_ota doesn't use the internal HTTP server (in cloud ota we use the HTTPClient library to connect to a remote server).

    local_ota shows how to configure and use the HTTP server and should serve as a reference.

    The local OTA is using POST request (not PUT) to transfer the payload.

  • 0 in reply to Kobi Leibovitch
    Prodigy 180 points

    Hi, I found that may be issue with the secure server certificates. I have tested the same PUT request using postman tool and it is working fine, when I disable the ssl verification. Is possible to disable the ssl certificate verification from the cc3235s device side. all others functionality from settings.html file working proprly using https server.  Only the put request not received in simplelinknetapprequesteventhandler. Is there any certificates available for "mysimplelink.net"  secure server. 

  • 0 in reply to Tejas Thaker
    TI__Guru 63006 points

    The http_server can be used with no security (http and not https) - see the SL_NETAPP_HTTP_PRIMARY_PORT_SECURITY_MODE settings (in such case don't provide the certificates).

    in the LocalOta example we are using the dummy "playground" certificates (the browser in such case needs to be include the dummy-root-ca-cert in its "verified" certificates list). This can be used for development but must be replaced with a formal certificate (signed by a known CA) when building a real product. 

  • 0 in reply to Kobi Leibovitch
    Prodigy 180 points

    Problem found. AJAX Call not working with secure server.  Thanks for your support.