CC3220SF: Issues with HTTPS server

Part Number: CC3220SF


Hello, TI Forum!

I’ve been running an HTTP server on my CC3220SF for my application for the last couple of years. The server works fine and has been very stable. However, I now need to migrate it from HTTP to HTTPS.

Over the past few weeks, I’ve been trying to make this transition based on the examples provided in the SDK. Everything seems to initialize correctly in debug mode, but the incoming requests are not being processed properly. I have also disabled certificate verification on my client side, but during the handshake I encounter an unexpected EOF error.

To troubleshoot, I used the openssl s_client command to inspect the connection, and it looks like there might be some issue with the certificates.

I’m currently using the following setup:

  • SimpleLink SDK: 6.10.05

  • Code Composer Studio: 12.1.0

  • Certificate: dummy-trusted-ca-cert

  • Key: dummy-trusted-ca-cert-key

Below is the code section responsible for enabling the HTTPS server. I suspect the issue might be related to how the certificates were loaded into the file system. However, the SlNetSock_secAttribSet function returns 0 both times, so there’s no error indication at that point.

Any insight or guidance on what could be going wrong would be greatly appreciated.

    int rc;
    HTTPServer_Handle srv = 0;
    struct sockaddr_in addr;
    (void)noargs;
    SlNetSockSecAttrib_t* secAttribs = NULL;

    srv = HTTPServer_create (handlerTable, 1, NULL);

    memset (&addr, 0, sizeof (addr));
    addr.sin_family = AF_INET;
    addr.sin_addr.s_addr = htonl (INADDR_ANY);
    addr.sin_port = htons (BIONET_HTTP_PORT_SSL);

    secAttribs = SlNetSock_secAttribCreate ();
    if (secAttribs == NULL){
        debug_printf("  SlNetSock_secAttribCreate failed\r\n");
        pthread_exit (0);
        return NULL;
    }

    // Attach the certificate and private key to the security attributes object by file name
    rc = SlNetSock_secAttribSet (secAttribs, SLNETSOCK_SEC_ATTRIB_LOCAL_CERT, "/dummy-trusted-ca-cert", strlen("/dummy-trusted-ca-cert")+1);
    debug_printf("  SLNETSOCK_SEC_ATTRIB_LOCAL_CERT: status = %d\r\n", rc);

    rc = SlNetSock_secAttribSet (secAttribs, SLNETSOCK_SEC_ATTRIB_PRIVATE_KEY, "/dummy-trusted-ca-cert-key", strlen("/dummy-trusted-ca-cert-key")+1);
    debug_printf("  SLNETSOCK_SEC_ATTRIB_PRIVATE_KEY: status = %d\r\n", rc);

    if (srv){
        // Enable TLS only once the server handle is known to be valid
        HTTPServer_enableSecurity(srv, secAttribs, true);

        bionet_log (BN_LOG_DEBUG, "HTTP Server Ready.\r\n");
        #ifdef __BIONET_DEBUG__
                debug_printf ("{\"httpServer\": {\"status\":\"ready\"}}");
        #endif  // __BIONET_DEBUG__
        debug_printf ("{\"httpServer\": {\"status\":\"ready\"}}");
        rc = HTTPServer_serveSelect (srv, (struct sockaddr *)&addr, sizeof(addr), BIONET_HTTP_BACKLOG);

        if (rc != 0){
            bionet_log (BN_LOG_ERROR, "Unable to start HTTP server!\r\n");
            #ifdef __BIONET_DEBUG__
                        debug_printf ("{\"httpServer\": {\"error\":\"unable to start!\"}}");
            #endif  // __BIONET_DEBUG__
            debug_printf ("{\"httpServer\": {\"error\":\"unable to start!\"}}");
        }

        HTTPServer_delete (&srv);
    }

    pthread_exit (0);

  • I’ve managed to establish communication with the HTTPS server by changing the way I load the certificates. I stored the keys as .pem files and loaded them using SlNetIf_loadSecObj before calling SlNetSock_secAttribSet.

    I’m still seeing some warnings related to the handshake method, but overall it seems to work, and I can now communicate with the server.