Secure Connection SSL help

Tagged: SSL

This topic has 2 replies, 3 voices, and was last updated 2023-03-13 at 6:30 PM by Anthony Aufdenkampe.

Viewing 2 reply threads

Author

Posts
- 2023-02-24 at 3:04 PM #17622
  Laura DeCicco
  Participant
  I was trying to set up a secure connection to our AWS IoT server by using this example:
  https://aws.amazon.com/blogs/compute/building-an-aws-iot-core-device-using-aws-serverless-and-an-esp32/
  
  The first big difference is that I’m using the SIMComSIM7080 code (ie starting from DRWI_SIM7080LTE.ino) to connect to the internet instead of a general WiFi as they describe. After a few wild goose chases, I thought I could follow this example:
  
  https://dogcomp.medium.com/send-https-request-from-sim-7600x-lte-module-4f76be19e900
  
  But when I tried installing the SSLClient library:
  https://github.com/govorox/SSLClient
  I’m stuck trying to get the “mbedtls” library that is needed for SSLClient.
  
  I don’t understand this comment, but I suspect maybe I just can’t use the mbedtls on the Mayfly?:
  https://github.com/govorox/SSLClient/issues/22#issuecomment-1282141706
  
  Are there any examples around where Mayfly users have used a cellular signal to securely connect to a server? I have the public and private pem keys, and the certificate. I can put those in a secrets.h file and include that. What I’m missing is something like:
  
  SSLClient secure_layer(&SIMComSIM7080);
  HttpClient client = HttpClient(secure_layer, server, port)
  secure_layer.setCACert(root_ca)
  
  Additional libraries I’ve been trying:
  ArduinoBearSSL
  (maybe something like: https://github.com/arduino-libraries/ArduinoBearSSL/blob/master/examples/MKRGSMSSLClient/MKRGSMSSLClient.ino)
  or
  https://github.com/OPEnSLab-OSU/SSLClient
  
  Thanks for any clues!
- 2023-03-09 at 11:03 AM #17676
  Sara Damiano
  Moderator
  I don’t know if the Mayfly is powerful enough for any of the SSL libraries, but you shouldn’t need one. The SIM7080G itself can handle the layers of secure connection. The Mayfly should only need to tell it to use the secure connection. Look in the examples for secure connections in the TinyGSM library. Essentially all you need to do is call TinyGsmClientSecure client(modem) instead of TinyGsmClient client(modem).
  
  I think for AWS, you may need to upload the SSL certificate to the SIM7080G before you can use it. I’ve never tried to do this, but there’s an example of doing it with the SIM800 in the TinyGSM library here: https://github.com/vshymanskyy/TinyGSM/blob/master/examples/more/SIM800_SslSetCert/SIM800_SslSetCert.ino
- 2023-03-13 at 6:30 PM #17684
  Anthony Aufdenkampe
  Participant
  @ldecicco, last autumn I started working on a somewhat similar task using the same radio module, but for posting to Azure EventHub.
  
  As @srgdamiano mentioned, the key is to add HTTPS capabilities using the TinyGsmClientSecure client(modem) . Doing that worked for me and I was able to Post data.
  
  Although I haven’t worked on this for a few months, I need to get back to it and I just created this Pull Request from my feature branch to the develop branch, so that you can compare my code changes: https://github.com/EnviroDIY/ModularSensors/pull/432
Author

Posts

Viewing 2 reply threads

You must be logged in to reply to this topic.