• State TI Thinks Resolved
  • Locked Locked
  • Replies 8 replies
  • Answers 3 answers
  • Subscribers 42 subscribers
  • Views 347 views
  • Users 0 members are here
Support feedback
Options
Options
Related

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

CC3220SF: CC3220SF - HTTPS client

Manish_Thakur
Genius 5085 points
Part Number: CC3220SF
Other Parts Discussed in Thread: UNIFLASH

Hi,

Can anyone please tell me how do I make Secured HTTP client connection. Please I got stuck because there is lack of examples in SDK.

Regards 

Manish

  • 0
    TI__Mastermind 30780 points
    Hi Manish,

    You can test this with the Httpget application in the SDK. You need to update the HOSTNAME to use the "https://" prefix and then create an instance of HTTPClient_extSecParams and call HTTPClient_connect() function with the additional security parameter.

    Best Regards,
    Ben M
  • 0 in reply to Benjamin Moore
    TI__Mastermind 40965 points
    Hi Manish,

    An example of the exact changes mentioned by Ben can be found in his post here:
    e2e.ti.com/.../2444798

    Regards,
    Michael
  • 0 in reply to Michael Reymond
    Genius 5085 points

    Hi,

    First of all thanks to Ben and Michael, you both have cleared my doubts, but one question is still exists that if we are client and connecting to HTTPS server do we need a certificate for that or no?

    Regards

    Manish Thakur

  • 0
    Genius 5085 points

    Part Number: CC3220SF

    Hi,

    I'm following this forum link 

    there one guy is connecting to example.com in HTTPS method from where does he get server certificate and private key because uniflash is asking for server certificate and server private key. Kindly help because it is our project.

    Regards

  • 0 in reply to Manish_Thakur
    TI__Mastermind 30780 points

    Hi Manish,

    When connecting to an HTTPS server, the same requirements apply as for other TLS connections. Refer to section 7.5.3 of the Network Processor Programmer's guide for details:

    http://www.ti.com/lit/swru455

    The expectation of our HTTP library and example is that, at a minimum, server authentication will be performed. The device needs to have the server's Root CA stored on the file system for this and the secParams we are referring to configured accordingly. Client authentication is optional and depends on the configuration of the server.

    Best Regards,

    Ben M

  • 0 in reply to Manish_Thakur
    TI__Mastermind 38980 points
    Hi Manish,

    I've merged your newest thread with this one as the topic seems to be the same. For further discussion on this topic, please keep to this thread.

    Best regards,
    Sarah
  • 0 in reply to Sarah P
    TI__Mastermind 30780 points
    Hi Manish,

    Only the server certificate is required. The private key of the server should never be exposed and is NOT used by the client during verification. You can check the Root CA for a specific web address through your web browser. For example, you can see it if you click on the lock icon beside the address when you are using chrome and choosing "Certificate". That will pull up the server's certificate and show you the certification path. You want the certificate at the top. It can be downloaded from you browser's cert store, Window's cert store, or the certificate authority directly sometimes.

    Best Regards,
    Ben M
  • 0 in reply to Benjamin Moore
    Genius 5085 points

    Hi Ben,

    Thanks for the info and i'll get back to you when this is done meanwhile do not close this thread.

    Regards 

    Manish