Skip to content

https: certificate doesn't match, CI has failed #1933

New issue
New issue
Closed
Closed
https: certificate doesn't match, CI has failed#1933
Labels
component: librariestype: bug
Milestone
 
2.3.0
@Alexey888

Description

@Alexey888
Alexey888
opened on Apr 18, 2016

ESP-12e, Core Version: 2.1.0

The problem with the certificate.Please, help.
Thank!

Sketch

#include <ESP8266WiFi.h>
#include <WiFiClientSecure.h>

const char* ssid = "...";
const char* password = "...";

const char* host = "remoteboot.pro";
const int httpsPort = 443;

// Use web browser to view and copy
// SHA1 fingerprint of the certificate
const char* fingerprint = "2a 5b b5 29 ab 32 00 b2 fb 7d e3 fb b7 d9 af 98 44 32 60 58";

void setup() {
  Serial.begin(115200);
  Serial.println();
  Serial.print("connecting to ");
  Serial.println(ssid);
  WiFi.begin(ssid, password);
  while (WiFi.status() != WL_CONNECTED) {
    delay(500);
    Serial.print(".");
  }
  Serial.println("");
  Serial.println("WiFi connected");
  Serial.println("IP address: ");
  Serial.println(WiFi.localIP());
}

void loop() {
  // Use WiFiClientSecure class to create TLS connection
  WiFiClientSecure client;
  Serial.print("connecting to ");
  Serial.println(host);
  if (!client.connect(host, httpsPort)) {
    Serial.println("connection failed");
    return;
  }

  if (client.verify(fingerprint, host)) {
    Serial.println("certificate matches");
  } else {
    Serial.println("certificate doesn't match");
  }

  String url = "/";
  Serial.print("requesting URL: ");
  Serial.println(url);

  client.print(String("GET ") + url + " HTTP/1.1\r\n" +
               "Host: " + host + "\r\n" +
               "User-Agent: BuildFailureDetectorESP8266\r\n" +
               "Connection: close\r\n\r\n");

  Serial.println("request sent");
  while (client.connected()) {
    String line = client.readStringUntil('\n');
    if (line == "\r") {
      Serial.println("headers received");
      break;
    }
  }
  String line = client.readStringUntil('\n');
  if (line.startsWith("{\"state\":\"success\"")) {
    Serial.println("esp8266/Arduino CI successfull!");
  } else {
    Serial.println("esp8266/Arduino CI has failed");
  }
  Serial.println("reply was:");
  Serial.println("==========");
  Serial.println(line);
  Serial.println("==========");
  Serial.println("closing connection");
  delay(4000);
}

Debug Messages

WiFi connected
IP address: 
192.168.1.146
connecting to remoteboot.pro
:ref 1
ssl/tls1.c:549 malloc 6864, left 33200
please start sntp first !
State:  sending Client Hello (1)
:wr
:sent 52
:ww
:rn 1460
:rd 5, 1460, 0
:rdi 1460, 5
:rd 74, 1460, 5
:rdi 1455, 74
State:  receiving Server Hello (2)
:rd 5, 1460, 79
:rdi 1381, 5
:rd 1376, 1460, 84
:rdi 1376, 1376
:c0 1376, 1460
:rn 1460
:rd 1460, 1460, 0
:rdi 1460, 1460
:c0 1460, 1460
:rn 1460
:rd 1460, 1460, 0
:rdi 1460, 1460
:c0 1460, 1460
:rn 1132
:rd 1123, 1132, 0
:rdi 1132, 1123
State:  receiving Certificate (11)
crypto/bigint.c:1072 realloc 1032, left 28824
crypto/bigint.c:1072 realloc 1032, left 25240
crypto/bigint.c:1072 realloc 1028, left 21136
crypto/bigint.c:1072 realloc 2056, left 18976
crypto/bigint.c:1072 realloc 1032, left 17896
crypto/bigint.c:1072 realloc 1024, left 17384
crypto/bigint.c:1072 realloc 1032, left 14400
:rd 5, 1132, 1123
:rdi 9, 5
:rd 4, 1132, 1128
:rdi 4, 4
:c0 4, 1132
State:  receiving Server Hello Done (14)
crypto/bigint.c:1072 realloc 1024, left 10552
State:  sending Client Key Exchange (16)
:wr
:sent 267
:ww
:wr
:sent 6
:ww
State:  sending Finished (16)
:wr
:sent 69
:rn 75
:ww
:rd 5, 75, 0
:rdi 75, 5
:rd 1, 75, 5
:rdi 70, 1
:rd 5, 75, 6
:rdi 69, 5
:rd 64, 75, 11
:rdi 64, 64
:c0 64, 75
State:  receiving Finished (16)
cert FP: EE 50 48 0E 50 C1 85 AB 0A E8 F9 43 2F 15 CD 45 7B 1F C6 7C 
test FP: 2A 5B B5 29 AB 32 00 B2 FB 7D E3 FB B7 D9 AF 98 44 32 60 58 
fingerprint doesn't match
certificate doesn't match
requesting URL: /
ssl/tls1.c:1422 malloc 17408, left 21552
:wr
:sent 149
:rn 261
:rch 261, 53
:rcl
:abort
:ww
request sent
:rd 5, 314, 0
:rdi 261, 5
:rd 256, 314, 5
:rdi 256, 256
:c 256, 261, 314
:wcs ra 211esp8266/Arduino CI has failed
reply was:
==========
HTTP/1.1 200 OK

==========
closing connection
Alert: close notify
:ur 1
:del
connecting to remoteboot.pro
:ref 1
ssl/tls1.c:549 malloc 6864, left 33200
please start sntp first !
State:  sending Client Hello (1)
:wr
:sent 52
:ww
:rn 1460
:rd 5, 1460, 0
:rdi 1460, 5
:rd 74, 1460, 5
:rdi 1455, 74
State:  receiving Server Hello (2)
:rd 5, 1460, 79
:rdi 1381, 5
:rd:rch 1460, 1460
:rch 2920, 1460
:rch 4380, 1132
 1376, 1460, 84
:rdi 1376, 1376
:c 1376, 1460, 5512
:rd 4043, 4052, 0
:rdi 1460, 1460
:c 1460, 1460, 4052
:rdi 1460, 1460
:c 1460, 1460, 2592
:rdi 1132, 1123
State:  receiving Certificate (11)
crypto/bigint.c:1072 realloc 1032, left 28824
crypto/bigint.c:1072 realloc 1032, left 25240
crypto/bigint.c:1072 realloc 1028, left 21136
crypto/bigint.c:1072 realloc 2056, left 18976
crypto/bigint.c:1072 realloc 1032, left 17896
crypto/bigint.c:1072 realloc 1024, left 17384
crypto/bigint.c:1072 realloc 1032, left 14528
:rd 5, 1132, 1123
:rdi 9, 5
:rd 4, 1132, 1128
:rdi 4, 4
:c0 4, 1132
State:  receiving Server Hello Done (14)
crypto/bigint.c:1072 realloc 1024, left 10680
State:  sending Client Key Exchange (16)
:wr
:sent 267
:ww
:wr
:sent 6
:ww
State:  sending Finished (16)
:wr
:sent 69
:rn 75
:ww
:rd 5, 75, 0
:rdi 75, 5
:rd 1, 75, 5
:rdi 70, 1
:rd 5, 75, 6
:rdi 69, 5
:rd 64, 75, 11
:rdi 64, 64
:c0 64, 75
State:  receiving Finished (16)
cert FP: EE 50 48 0E 50 C1 85 AB 0A E8 F9 43 2F 15 CD 45 7B 1F C6 7C 
test FP: 2A 5B B5 29 AB 32 00 B2 FB 7D E3 FB B7 D9 AF 98 44 32 60 58 
fingerprint doesn't match
certificate doesn't match
requesting URL: /
ssl/tls1.c:1422 malloc 17408, left 21552
:wr
:sent 149
:rn 261
:rch 261, 53
:rcl
:abort
:ww
request sent
:rd 5, 314, 0
:rdi 261, 5
:rd 256, 314, 5
:rdi 256, 256
:c 256, 261, 314
:wcs ra 211esp8266/Arduino CI has failed
reply was:
==========
HTTP/1.1 200 OK

==========
closing connection
pm open,type:2 0
Alert: close notify
:ur 1
:del
connecting to remoteboot.pro
:ref 1
ssl/tls1.c:549 malloc 6864, left 33200
please start sntp first !
State:  sending Client Hello (1)
:wr
:sent 52
:ww
:rn 1460
:rd 5, 1460, 0
:rdi 1460, 5
:rd 74, 1460, 5
:rdi 1455, 74
State:  receiving Server Hello (2)
:rd 5, 1460, 79
:rdi 1381, 5
:rd 1376, 1460, 84
:r:rch 1460, 1460
:rch 2920, 1460
:rch 4380, 1132
di 1376, 1376
:c 1376, 1460, 5512
:rd 4043, 4052, 0
:rdi 1460, 1460
:c 1460, 1460, 4052
:rdi 1460, 1460
:c 1460, 1460, 2592
:rdi 1132, 1123
State:  receiving Certificate (11)
crypto/bigint.c:1072 realloc 1032, left 28824
crypto/bigint.c:1072 realloc 1032, left 25240
crypto/bigint.c:1072 realloc 1028, left 21136
crypto/bigint.c:1072 realloc 2056, left 18976
crypto/bigint.c:1072 realloc 1032, left 17896
crypto/bigint.c:1072 realloc 1024, left 17384
crypto/bigint.c:1072 realloc 1032, left 14528
:rd 5, 1132, 1123
:rdi 9, 5
:rd 4, 1132, 1128
:rdi 4, 4
:c0 4, 1132
State:  receiving Server Hello Done (14)
crypto/bigint.c:1072 realloc 1024, left 10680
State:  sending Client Key Exchange (16)
:wr
:sent 267
:ww
:wr
:sent 6
:ww
State:  sending Finished (16)
:wr
:sent 69
:rn 75
:ww
:rd 5, 75, 0
:rdi 75, 5
:rd 1, 75, 5
:rdi 70, 1
:rd 5, 75, 6
:rdi 69, 5
:rd 64, 75, 11
:rdi 64, 64
:c0 64, 75
State:  receiving Finished (16)
cert FP: EE 50 48 0E 50 C1 85 AB 0A E8 F9 43 2F 15 CD 45 7B 1F C6 7C 
test FP: 2A 5B B5 29 AB 32 00 B2 FB 7D E3 FB B7 D9 AF 98 44 32 60 58 
fingerprint doesn't match
certificate doesn't match
requesting URL: /
ssl/tls1.c:1422 malloc 17408, left 21552
:wr
:sent 149
:rn 261
:rch 261, 53
:rcl
:abort
:ww
request sent
:rd 5, 314, 0
:rdi 261, 5
:rd 256, 314, 5
:rdi 256, 256
:c 256, 261, 314
:wcs ra 211esp8266/Arduino CI has failed
reply was:
==========
HTTP/1.1 200 OK

==========
closing connection
Alert: close notify
:ur 1
:del
connecting to remoteboot.pro
:ref 1
ssl/tls1.c:549 malloc 6864, left 33200
please start sntp first !
State:  sending Client Hello (1)
:wr
:sent 52
:ww
:rn 1460
:rd 5, 1460, 0
:rdi 1460, 5
:rd 74, 1460, 5
:rdi 1455, 74
State:  receiving Server Hello (2)
:rd 5, 1460, 79
:rdi 1381, 5
:rd 1376, 1460, 84
:rdi 1376,:rch 1460, 1460
 1376
:c 1376, 1460, 2920
:rd:rch 1460, 1460
 1460, 1460, 0
:rdi 1460, 146:rch 2920, 1132
0
:c 1460, 1460, 4052
:rd 2583, 2592, 0
:rdi 1460, 1460
:c 1460, 1460, 2592
:rdi 1132, 1123
State:  receiving Certificate (11)
crypto/bigint.c:1072 realloc 1032, left 28824
crypto/bigint.c:1072 realloc 1032, left 25240
crypto/bigint.c:1072 realloc 1028, left 21136
crypto/bigint.c:1072 realloc 2056, left 18976
crypto/bigint.c:1072 realloc 1032, left 17896
crypto/bigint.c:1072 realloc 1024, left 17384
crypto/bigint.c:1072 realloc 1032, left 14528
:rd 5, 1132, 1123
:rdi 9, 5
:rd 4, 1132, 1128
:rdi 4, 4
:c0 4, 1132
State:  receiving Server Hello Done (14)
crypto/bigint.c:1072 realloc 1024, left 10680
State:  sending Client Key Exchange (16)
:wr
:sent 267
:ww
:wr
:sent 6
:ww
State:  sending Finished (16)
:wr
:sent 69
:rn 75
:ww
:rd 5, 75, 0
:rdi 75, 5
:rd 1, 75, 5
:rdi 70, 1
:rd 5, 75, 6
:rdi 69, 5
:rd 64, 75, 11
:rdi 64, 64
:c0 64, 75
State:  receiving Finished (16)
cert FP: EE 50 48 0E 50 C1 85 AB 0A E8 F9 43 2F 15 CD 45 7B 1F C6 7C 
test FP: 2A 5B B5 29 AB 32 00 B2 FB 7D E3 FB B7 D9 AF 98 44 32 60 58 
fingerprint doesn't match
certificate doesn't match
requesting URL: /
ssl/tls1.c:1422 malloc 17408, left 21552
:wr
:sent 149
:rn 261
:rch 261, 53
:rcl
:abort
:ww
request sent
:rd 5, 314, 0
:rdi 261, 5
:rd 256, 314, 5
:rdi 256, 256
:c 256, 261, 314
:wcs ra 211esp8266/Arduino CI has failed
reply was:
==========
HTTP/1.1 200 OK

==========
closing connection
Alert: close notify
:ur 1
:del
connecting to remoteboot.pro
:ref 1
ssl/tls1.c:549 malloc 6864, left 33200
please start sntp first !
State:  sending Client Hello (1)
:wr
:sent 52
:ww
:rn 1460
:rd 5, 1460, 0
:rdi 1460, 5
:rd 74, 1460, 5
:rdi 1455, 74
State:  receiving Server Hello (2)
:rd 5, 1460, 79
:rdi 1381, 5
:rd 1376,:rch 1460, 1460
:rch 2920, 1460
:rch 4380, 1132
 1460, 84
:rdi 1376, 1376
:c 1376, 1460, 5512
:rd 4043, 4052, 0
:rdi 1460, 1460
:c 1460, 1460, 4052
:rdi 1460, 1460
:c 1460, 1460, 2592
:rdi 1132, 1123
State:  receiving Certificate (11)
crypto/bigint.c:1072 realloc 1032, left 28824
crypto/bigint.c:1072 realloc 1032, left 25240
crypto/bigint.c:1072 realloc 1028, left 21136
crypto/bigint.c:1072 realloc 2056, left 18976
crypto/bigint.c:1072 realloc 1032, left 17896
crypto/bigint.c:1072 realloc 1024, left 17384
crypto/bigint.c:1072 realloc 1032, left 14528
:rd 5, 1132, 1123
:rdi 9, 5
:rd 4, 1132, 1128
:rdi 4, 4
:c0 4, 1132
State:  receiving Server Hello Done (14)
crypto/bigint.c:1072 realloc 1024, left 10680
State:  sending Client Key Exchange (16)
:wr
:sent 267
:ww
:wr
:sent 6
:ww
State:  sending Finished (16)
:wr
:sent 69
:rn 75
:ww
:rd 5, 75, 0
:rdi 75, 5
:rd 1, 75, 5
:rdi 70, 1
:rd 5, 75, 6
:rdi 69, 5
:rd 64, 75, 11
:rdi 64, 64
:c0 64, 75
State:  receiving Finished (16)
cert FP: EE 50 48 0E 50 C1 85 AB 0A E8 F9 43 2F 15 CD 45 7B 1F C6 7C 
test FP: 2A 5B B5 29 AB 32 00 B2 FB 7D E3 FB B7 D9 AF 98 44 32 60 58 
fingerprint doesn't match
certificate doesn't match
requesting URL: /
ssl/tls1.c:1422 malloc 17408, left 21552
:wr
:sent 149
:rn 261
:rch 261, 53
:rcl
:abort
:ww
request sent
:rd 5, 314, 0
:rdi 261, 5
:rd 256, 314, 5
:rdi 256, 256
:c 256, 261, 314
:wcs ra 211esp8266/Arduino CI has failed
reply was:
==========
HTTP/1.1 200 OK

==========
closing connection
Alert: close notify
:ur 1
:del
connecting to remoteboot.pro
:ref 1
ssl/tls1.c:549 malloc 6864, left 33200
please start sntp first !
State:  sending Client Hello (1)
:wr
:sent 52
:ww
:rn 1460
:rd 5, 1460, 0
:rdi 1460, 5
:rd 74, 1460, 5
:rdi 1455, 74
State:  receiving Server Hello (2)
:rd 5, 1460, 79
:rdi 1381, 5
:rd 1376, 1:rch 1460, 1460
:rch 2920, 1460
:rch 4380, 1132
460, 84
:rdi 1376, 1376
:c 1376, 1460, 5512
:rd 4043, 4052, 0
:rdi 1460, 1460
:c 1460, 1460, 4052
:rdi 1460, 1460
:c 1460, 1460, 2592
:rdi 1132, 1123
State:  receiving Certificate (11)
crypto/bigint.c:1072 realloc 1032, left 28824
crypto/bigint.c:1072 realloc 1032, left 25240
crypto/bigint.c:1072 realloc 1028, left 21136
crypto/bigint.c:1072 realloc 2056, left 18976
crypto/bigint.c:1072 realloc 1032, left 17896
crypto/bigint.c:1072 realloc 1024, left 17384
crypto/bigint.c:1072 realloc 1032, left 14528
:rd 5, 1132, 1123
:rdi 9, 5
:rd 4, 1132, 1128
:rdi 4, 4
:c0 4, 1132
State:  receiving Server Hello Done (14)
crypto/bigint.c:1072 realloc 1024, left 10680
State:  sending Client Key Exchange (16)
:wr
:sent 267
:ww
:wr
:sent 6
:ww
State:  sending Finished (16)
:wr
:sent 69
:rn 75
:ww
:rd 5, 75, 0
:rdi 75, 5
:rd 1, 75, 5
:rdi 70, 1
:rd 5, 75, 6
:rdi 69, 5
:rd 64, 75, 11
:rdi 64, 64
:c0 64, 75
State:  receiving Finished (16)
cert FP: EE 50 48 0E 50 C1 85 AB 0A E8 F9 43 2F 15 CD 45 7B 1F C6 7C 
test FP: 2A 5B B5 29 AB 32 00 B2 FB 7D E3 FB B7 D9 AF 98 44 32 60 58 
fingerprint doesn't match
certificate doesn't match
requesting URL: /
ssl/tls1.c:1422 malloc 17408, left 21552
:wr
:sent 149
:rn 261
:ww
request sent
:rd 5, 261, 0
:rdi 261, 5
:rd 256, 261, 5
:rdi 256, 256
:c0 256, 261
:wcs ra 211headers received
:rn 53
:rcl
:abort
:rd 5, 53, 0
:rdi 53, 5
:rd 48, 53, 5
:rdi 48, 48
:c0 48, 53
Alert: close notify
esp8266/Arduino CI has failed
reply was:
==========
BuildFailureDetectorESP8266
==========
closing connection

PORT CLOSED

Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

Metadata

Metadata

Assignees

No one assigned

    Labels

    component: librariestype: bug

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions