Home/Support/Support Forum/ussl and TCP connections with REPL and SPI

ussl and TCP connections with REPL and SPI

0 votes
So, I'm trying to do a HTTPS connection in various ways, and I always get the same result: no data

mostly I don't use tx/rx on the Xbee, but SPI in API mode. I tried to connect using sockets, and all goes well for creation and connecting, but I NEVER receive the 0xcf frame that would indicate a connection. According to the documentation, it would be send to the serial, which doesn't make sense since I'm using SPI (DIN/DOUT are NOT forcefully disabled, but SPI is always selected on boot) so serial would be disabled

I tried to do some connections in the xbee REPL console and a basic HTTP connection works:
Code:
>>> u = socket.socket(socket.AF_INET, socket.SOCK_STREAM, socket.IPPROTO_TCP); u.connect(('kevzan.net',80)); u.write('GET /test/test.txt HTTP/1.1\r\nhost: kevzan.net\r\nconnection: close\r\naccept: */*\r\n\r\n'); u.read() 81 b'HTTP/1.1 302 Found\r\nDate: Fri, 18 Dec 2020 16:49:36 GMT\r\nServer: Apache/2.4.29 (Ubuntu)\r\nLocation: https://kevzan.net/test/test.txt\r\nContent-Length: 292\r\nConnection: close\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">\n<html><head>\n<title>302 Found</title>\n</head><body>\n<h1>Found</h1>\n<p>The document has moved <a href="https://kevzan.net/test/test.txt">here</a>.</p>\n<hr>\n<address>Apache/2.4.29 (Ubuntu) Server at kevzan.net Port 80</address>\n</body></html>\n'

Now if I switch to ssl, it doesn't:
Code:
>>> u = socket.socket(socket.AF_INET, socket.SOCK_STREAM, socket.IPPROTO_TCP); u.connect(('kevzan.net',80)); u.write('GET /test/test.txt HTTP/1.1\r\nhost: kevzan.nes = socket.socket(socket.AF_INET, socket.SOCK_STREAM, socket.IPPROTO_SEC); u = ssl.wrap_socket(s); u.connect(('kevzan.net',443)); u.write('GET /test/test.txt HTTP/1.1\r\nhost: kevzan.net\r\nconnection: close\r\naccept: */*\r\n\r\n'); time.sleep(1); u.read() 81 b''

(I should get Hello)

Any explanation or hint?

Feel free to test using my server if necessary (a simple browser call will show you it works, and certificates are fine)

Thanks!
Phil

PS: I get the same issue on LTE-M/NBioT Xbee or LTE Cat-1 ones (latest firmware versions)
asked Dec 18, 2020 in MicroPython by peergum New to the Community (2 points)
edited Jan 27 by TomCollins

Please log in or register to answer this question.

1 Answer

0 votes
Make sure you have the proper TP value and your Certificates.
answered Dec 18, 2020 by mvut Veteran of the Digi Community (14,777 points)
Thanks, but that's not the issues: I set TP to 300 (30s) and I'm not using any certificate at all. Based on the server logs, the call is replied a 200 status, which I never seem to get.

Checking the docs, I realized my server was using TLSv1.3 which is not supported by the Xbee. I switched to TLSv1.2, but I feel the issue may be the limited number of ciphers the Xbee supports, and no matching one I can set on my apache2 server... I guess I'm kind of stuck here, I'll probably have to go unencrypted unfortunately. I assume most people don't download firmware upgrades for their boards (through the Xbee) that way...
...