Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

unable to connect to wss with esp32 #101

Open
doublep21 opened this issue Mar 3, 2021 · 10 comments
Open

unable to connect to wss with esp32 #101

doublep21 opened this issue Mar 3, 2021 · 10 comments
Assignees
@gilmaimon
Labels
bug Something isn't working help wanted Extra attention is needed

Comments

@doublep21
Copy link

doublep21 commented Mar 3, 2021
edited
Loading

unable to connect to wss with esp32 after porting all project to a new pc , i think is a new version of something the issue .
i don't have a ca certificate in the code , before was working fine without.

[V][ssl_client.cpp:265] stop_ssl_socket(): Cleaning SSL connection.
[V][ssl_client.cpp:265] stop_ssl_socket(): Cleaning SSL connection.
[V][ssl_client.cpp:59] start_ssl_client(): Free internal heap before TLS 257808
[E][WiFiClientSecure.cpp:127] connect(): start_ssl_client: -1
[V][ssl_client.cpp:265] stop_ssl_socket(): Cleaning SSL connection.
[E][WiFiClient.cpp:309] setOption(): fail on fd -1, errno: 9, "Bad file number"

with esperiff 2.0 works fine
qith esperiff 3.1 do not work
is this a bug?
@gilmaimon
Copy link
Owner

gilmaimon commented Mar 6, 2021
edited
Loading

Hi!

I'm not actually sure, this might be a bug if you say it worked with earlier version of the esp libraries. Just to make sure I understand you, what do you mean by esperiff 3.1?

Consider sharing the relevant parts of your code, and double checking your setup..

Gil.

@doublep21
Copy link
Author

doublep21 commented Mar 6, 2021
edited
Loading

on PlatformIO is called platform "Espressif 32" , 3.1 obviously is the version.

The code :

#include <ArduinoWebsockets.h>
#include <WiFi.h>

const char* websockets_server = "wss://192.168.0.4:81"; //server adress and port
unsigned int ConnectionTimeout = 5000;

extern String getValue(String data, char separator, int index);
extern String getIO();
extern String setIO(int pin,int status);
extern String getTemperature();
extern String setPWM(int pin,int freq,int res,int duty);

bool cc = false;
void connectws();

using namespace websockets;
WebsocketsClient client;


void onMessageCallback(WebsocketsMessage message) {
    Serial.print("Got Message: ");
    Serial.println(message.data());
    String data = message.data();
    if (data.charAt(0) == '/') {
        if(data == "/gettemp"){
            client.send(getTemperature());
        }
        if(data == "/getio"){
            client.send("/io?object="+getIO());
        }
        if(getValue(data, '?', 0) == "/setio"){
            if(getValue(getValue(getValue(data, '?', 1), '&', 0), '=', 0) == "pin"){
                String pin = getValue(getValue(getValue(data, '?', 1), '&', 0), '=', 1);
                String status = getValue(getValue(getValue(data, '?', 1), '&', 1), '=', 1);        
                client.send(setIO( pin.toInt() , status.toInt() )); 
            }      
        }
        if(getValue(data, '?', 0) == "/setpwm"){
            if(getValue(getValue(getValue(data, '?', 1), '&', 0), '=', 0) == "pin"){
                String pin = getValue(getValue(getValue(data, '?', 1), '&', 0), '=', 1);
                String freq = getValue(getValue(getValue(data, '?', 1), '&', 1), '=', 1);
                String res = getValue(getValue(getValue(data, '?', 1), '&', 2), '=', 1); 
                String duty = getValue(getValue(getValue(data, '?', 1), '&', 3), '=', 1);         
                client.send(setPWM( pin.toInt() , freq.toInt(), res.toInt(), duty.toInt() )); 
            }      
        }
    }
}

void onEventsCallback(WebsocketsEvent event, String data) {
    if(event == WebsocketsEvent::ConnectionOpened) {
        Serial.println("Connnection Opened");
    } else if(event == WebsocketsEvent::ConnectionClosed) {
        Serial.println("Connnection Closed");
    } else if(event == WebsocketsEvent::GotPing) {
        Serial.println("Got a Ping!");
    } else if(event == WebsocketsEvent::GotPong) {
        Serial.print(millis());
        Serial.println(": Got a Pong!");
        cc = true;
    }
}


void wsSetup(){
     // Setup Callbacks
    client.onMessage(onMessageCallback);
    client.onEvent(onEventsCallback);
    connectws();
}


void connectws(){
    // Connect to server
    // Before connecting, set the ssl fingerprint of the server
    // client.setCACert(ssl_ca_cert);
    bool connected = client.connect(websockets_server);
    if(connected) {
        Serial.println("Connected!");
        client.send("/login?ESP="+WiFi.macAddress()+"&auth="+"*"+"&HasTempSensor=1"+"&IsIO=1");
        cc = true;
    } else {
        cc = false;
        Serial.println("Not Connected!");
    }
}

void connectionCheck(){
    //client.send("ping");
    client.ping();
    cc = false;
}

unsigned long startmillis = millis();
String s;
void wsloop(){
    if (startmillis + ConnectionTimeout < millis()){
        startmillis = startmillis + ConnectionTimeout;
        if(!cc){
            connectws();
        }
        connectionCheck();
    }
    client.poll();
    if (Serial.available() > 0) {
        s = Serial.readString();
        client.send(s);
    }
}

@JasXSL
Copy link

JasXSL commented Mar 12, 2021
edited
Loading

I have the same issue, I used the Secured-Esp32-Client.ino example. Replaced client.setCACert(echo_org_ssl_ca_cert); with client.setInsecure();. And it doesn't work on Arduino ESP32 1.0.5 (released on the 23rd Feb), but does work on 1.0.4.

@gilmaimon gilmaimon added bug Something isn't working help wanted Extra attention is needed labels Mar 14, 2021
@gilmaimon
Copy link
Owner

Hi @doublep21, thanks for opening this issue and including your code.

I suspect that the issue with your code is this commented line:

// client.setCACert(ssl_ca_cert);

You must provide some kind of certificate for the server you are connecting to (if it is done using SSL [wss]). Insecure connection might be unsupported for newer versions of the framework, as @JasXSL mentioned. This could be a nice feature to add (to remove the setInsecture() method if framework version is new enough and platform is esp32), but other than that, there isn't much the library can do (unless they added some explicit feature for insecure connection in the new platform code)

Gil.

@JasXSL
Copy link

JasXSL commented Mar 14, 2021

So the new ESP version is blocking the setInsecure method?

@khoih-prog
Copy link
Contributor

khoih-prog commented Apr 15, 2021
edited
Loading

If you're using wss://echo.websocket.org, update your CA Cert as follows:

// This certificate was updated 15.04.2021, issues on Mar 15th 2021, expired on June 13th 2021
const char echo_org_ssl_ca_cert[] PROGMEM = \
"-----BEGIN CERTIFICATE-----\n" \
"MIIEZTCCA02gAwIBAgIQQAF1BIMUpMghjISpDBbN3zANBgkqhkiG9w0BAQsFADA/\n" \
"MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT\n" \
"DkRTVCBSb290IENBIFgzMB4XDTIwMTAwNzE5MjE0MFoXDTIxMDkyOTE5MjE0MFow\n" \
"MjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxCzAJBgNVBAMT\n" \
"AlIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwIVKMz2oJTTDxLs\n" \
"jVWSw/iC8ZmmekKIp10mqrUrucVMsa+Oa/l1yKPXD0eUFFU1V4yeqKI5GfWCPEKp\n" \
"Tm71O8Mu243AsFzzWTjn7c9p8FoLG77AlCQlh/o3cbMT5xys4Zvv2+Q7RVJFlqnB\n" \
"U840yFLuta7tj95gcOKlVKu2bQ6XpUA0ayvTvGbrZjR8+muLj1cpmfgwF126cm/7\n" \
"gcWt0oZYPRfH5wm78Sv3htzB2nFd1EbjzK0lwYi8YGd1ZrPxGPeiXOZT/zqItkel\n" \
"/xMY6pgJdz+dU/nPAeX1pnAXFK9jpP+Zs5Od3FOnBv5IhR2haa4ldbsTzFID9e1R\n" \
"oYvbFQIDAQABo4IBaDCCAWQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8E\n" \
"BAMCAYYwSwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5p\n" \
"ZGVudHJ1c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTE\n" \
"p7Gkeyxx+tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEE\n" \
"AYLfEwEBATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2Vu\n" \
"Y3J5cHQub3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0\n" \
"LmNvbS9EU1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYf\n" \
"r52LFMLGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B\n" \
"AQsFAAOCAQEA2UzgyfWEiDcx27sT4rP8i2tiEmxYt0l+PAK3qB8oYevO4C5z70kH\n" \
"ejWEHx2taPDY/laBL21/WKZuNTYQHHPD5b1tXgHXbnL7KqC401dk5VvCadTQsvd8\n" \
"S8MXjohyc9z9/G2948kLjmE6Flh9dDYrVYA9x2O+hEPGOaEOa1eePynBgPayvUfL\n" \
"qjBstzLhWVQLGAkXXmNs+5ZnPBxzDJOLxhF2JIbeQAcH5H0tZrUlo5ZYyOqA7s9p\n" \
"O5b85o3AM/OJ+CktFBQtfvBhcJVd9wvlwPsk+uyOy2HI7mNxKKgsBTt375teA2Tw\n" \
"UdHkhVNcsAKX1H7GNNLOEADksd86wuoXvg==\n" \
"-----END CERTIFICATE-----\n";

This is the terminal output when using new SSL Cert

Starting WebSockets Secured-ESP32-Client on ESP32_DEV
...
Connected to Wifi, Connecting to WebSockets Server @wss://echo.websocket.org/
Connnection Opened
Connected!
Got Message: Hello to Server from ESP32_DEV
Got a Pong!
Got Message: Hello Server
Got a Pong!

Please also check the solved issue in Secured-Esp32-Client Example not works on NodeMcu32s (Esp32s) #16

@gilmaimon
Copy link
Owner

If you're using wss://echo.websocket.org, update your CA Cert as follows:

// This certificate was updated 15.04.2021, issues on Mar 15th 2021, expired on June 13th 2021
const char echo_org_ssl_ca_cert[] PROGMEM = \
"-----BEGIN CERTIFICATE-----\n" \
"MIIEZTCCA02gAwIBAgIQQAF1BIMUpMghjISpDBbN3zANBgkqhkiG9w0BAQsFADA/\n" \
"MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT\n" \
"DkRTVCBSb290IENBIFgzMB4XDTIwMTAwNzE5MjE0MFoXDTIxMDkyOTE5MjE0MFow\n" \
"MjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxCzAJBgNVBAMT\n" \
"AlIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwIVKMz2oJTTDxLs\n" \
"jVWSw/iC8ZmmekKIp10mqrUrucVMsa+Oa/l1yKPXD0eUFFU1V4yeqKI5GfWCPEKp\n" \
"Tm71O8Mu243AsFzzWTjn7c9p8FoLG77AlCQlh/o3cbMT5xys4Zvv2+Q7RVJFlqnB\n" \
"U840yFLuta7tj95gcOKlVKu2bQ6XpUA0ayvTvGbrZjR8+muLj1cpmfgwF126cm/7\n" \
"gcWt0oZYPRfH5wm78Sv3htzB2nFd1EbjzK0lwYi8YGd1ZrPxGPeiXOZT/zqItkel\n" \
"/xMY6pgJdz+dU/nPAeX1pnAXFK9jpP+Zs5Od3FOnBv5IhR2haa4ldbsTzFID9e1R\n" \
"oYvbFQIDAQABo4IBaDCCAWQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8E\n" \
"BAMCAYYwSwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5p\n" \
"ZGVudHJ1c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTE\n" \
"p7Gkeyxx+tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEE\n" \
"AYLfEwEBATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2Vu\n" \
"Y3J5cHQub3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0\n" \
"LmNvbS9EU1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYf\n" \
"r52LFMLGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B\n" \
"AQsFAAOCAQEA2UzgyfWEiDcx27sT4rP8i2tiEmxYt0l+PAK3qB8oYevO4C5z70kH\n" \
"ejWEHx2taPDY/laBL21/WKZuNTYQHHPD5b1tXgHXbnL7KqC401dk5VvCadTQsvd8\n" \
"S8MXjohyc9z9/G2948kLjmE6Flh9dDYrVYA9x2O+hEPGOaEOa1eePynBgPayvUfL\n" \
"qjBstzLhWVQLGAkXXmNs+5ZnPBxzDJOLxhF2JIbeQAcH5H0tZrUlo5ZYyOqA7s9p\n" \
"O5b85o3AM/OJ+CktFBQtfvBhcJVd9wvlwPsk+uyOy2HI7mNxKKgsBTt375teA2Tw\n" \
"UdHkhVNcsAKX1H7GNNLOEADksd86wuoXvg==\n" \
"-----END CERTIFICATE-----\n";

This is the terminal output when using new SSL Cert

Starting WebSockets Secured-ESP32-Client on ESP32_DEV
...
Connected to Wifi, Connecting to WebSockets Server @wss://echo.websocket.org/
Connnection Opened
Connected!
Got Message: Hello to Server from ESP32_DEV
Got a Pong!
Got Message: Hello Server
Got a Pong!

Please also check the solved issue in Secured-Esp32-Client Example not works on NodeMcu32s (Esp32s) #16

Awesome! Do you like to open a PR and change the certificate in the example? I can do it myself, but I think you should get the credit.

@khoih-prog khoih-prog mentioned this issue May 1, 2021
Merged
@LioRei
Copy link

LioRei commented May 12, 2021

I've created a PR for the lib WebSockets2_Generic wich solve this problem => khoih-prog/WebSockets2_Generic#18 like the lib is based on this lib, the porting of it is really easy. Do you want me to create a PR for this for your lib ?

@ln-12
Copy link
Contributor

ln-12 commented Jul 26, 2021
edited
Loading

I can also not connect to a secured websocket using the following code:

#include <ArduinoWebsockets.h>
#include <WiFi.h>

const char* ssid = "XXX"; //Enter SSID
const char* password = "XXX"; //Enter Password

const char* websockets_connection_string = "wss://echo.websocket.org/"; //Enter server adress

const char echo_org_ssl_ca_cert[] PROGMEM = \
"-----BEGIN CERTIFICATE-----\n" \
"MIIFMTCCBBmgAwIBAgISA+YsE2kLGzw6wgvSftCq4+JOMA0GCSqGSIb3DQEBCwUA\n" \
"MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD\n" \
"EwJSMzAeFw0yMTA1MjQxOTM1MzRaFw0yMTA4MjIxOTM1MzRaMBgxFjAUBgNVBAMT\n" \
"DXdlYnNvY2tldC5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1\n" \
"4oXUJYaP9DoJ0gMoe3CLd49aoqoKvxSvP+VJ7ZVFXDjsG1ocXCyQFxmSvcM1IF6Y\n" \
"qJKJEHnoztYNvDbUD0Mr3Y5xwxeQXUv3B05gik4w2F18/iQQRDaIlQ4WDDUN7VaO\n" \
"sgxxsk9o2NBMqWu0fuzLWreJpXI+/q3/wTwekWybKnFFeH7DtDNDCgyjVc3Ev/Xy\n" \
"Jqt0cn6g4+lYMs9As652aUzwLvLKlEizGlN4nObKtXL0e9UGPBkEBkTAKIPlBQoS\n" \
"W0xkhW0sRhh9+mINNlrtINkyCtYQzSpF8Ye8rHThvCPoT+AzNtCqMsAXtg81dKAL\n" \
"/m1R3/HaZADnlBhKXU+1AgMBAAGjggJZMIICVTAOBgNVHQ8BAf8EBAMCBaAwHQYD\n" \
"VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O\n" \
"BBYEFCqjryo437DlUGeOCGa/invUBuVuMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJ\n" \
"QOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3Iz\n" \
"Lm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcv\n" \
"MCkGA1UdEQQiMCCCDyoud2Vic29ja2V0Lm9yZ4INd2Vic29ja2V0Lm9yZzBMBgNV\n" \
"HSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpo\n" \
"dHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisGAQQB1nkCBAIEgfUEgfIA\n" \
"8AB3AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABeaAXBpYAAAQD\n" \
"AEgwRgIhAPMeO7rzATtXB6U/+nbTHSDYS9mmZmy8oNa0OecCRNVkAiEA1SkPJX6I\n" \
"w3+UjtI8McOKSXjoVS6QL7QtaDRMxDm0W10AdQD2XJQv0XcwIhRUGAgwlFaO400T\n" \
"GTO/3wwvIAvMTvFk4wAAAXmgFwcJAAAEAwBGMEQCIC/Mm6/4C09aTpvpdg9bcJ+R\n" \
"dn8H5a47q+k9IbDL0h/sAiB4zMDuivp8ohxf3B24w/gBmVy0V8JgTSHDWPbctnwq\n" \
"8DANBgkqhkiG9w0BAQsFAAOCAQEAgEh0VR4F44La1CbCMstxPDE/aTvirg+odT+f\n" \
"9U3SnsjDpBlifbOe/nby1EIHfwJ+h6sXCwsy9IupbNC8QkUO6Xb1eIstTxS/PhdV\n" \
"i9URTqIqOXgRHWfPGzuYjeQQIlsS/B0ma7NWeAzyipfrFVSt3AGKMZDox+ohbAyA\n" \
"Kqzbg193BrgBhNjtD4DpHbo2OXjcsXjneI6yNruQP8hwpucPb1E4pam3+h4zH6uv\n" \
"qzeCo2EqimtRsWlGbcLpY0t40Hlpa5jaV6pOiJFGqqMkJtiThgB03ycGp0TpG65Q\n" \
"DuXzWnD/cBQaSQ3kBu6KuYwTxftJNrCs0ANJLxjrhvC4r6Af/A==\n" \
"-----END CERTIFICATE-----\n";

using namespace websockets;

void onMessageCallback(WebsocketsMessage message) {
    Serial.print("Got Message: ");
    Serial.println(message.data());
}

void onEventsCallback(WebsocketsEvent event, String data) {
    if(event == WebsocketsEvent::ConnectionOpened) {
        Serial.println("Connnection Opened");
    } else if(event == WebsocketsEvent::ConnectionClosed) {
        Serial.println("Connnection Closed");
    } else if(event == WebsocketsEvent::GotPing) {
        Serial.println("Got a Ping!");
    } else if(event == WebsocketsEvent::GotPong) {
        Serial.println("Got a Pong!");
    }
}

WebsocketsClient client;
void setup() {
    Serial.begin(115200);
    WiFi.begin(ssid, password);

    // Wait some time to connect to wifi
    for(int i = 0; i < 10 && WiFi.status() != WL_CONNECTED; i++) {
        Serial.print(".");
        delay(1000);
    }

    // Check if connected to wifi
    if(WiFi.status() != WL_CONNECTED) {
        Serial.println("No Wifi!");
        return;
    }

    client.setCACert(echo_org_ssl_ca_cert);

    Serial.println("Connected to Wifi, Connecting to server.");
    // try to connect to Websockets server
    bool connected = client.connect(websockets_connection_string);
    if(connected) {
        Serial.println("Connected!");
        client.send("Hello Server");
    } else {
        Serial.println("Not Connected!");
    }
    
    // run callback when messages are received
    client.onMessage([&](WebsocketsMessage message){
        Serial.print("Got Message: ");
        Serial.println(message.data());
    });
}

void loop() {
    // let the websockets client check for incoming messages
    if(client.available()) {
        client.poll();
    }
    delay(500);
}

I downloaded the current certificate from the website:

echo | openssl s_client -servername echo.websocket.org -connect echo.websocket.org:443
CONNECTED(00000005)
depth=3 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R3
verify return:1
depth=0 CN = websocket.org
verify return:1
---
Certificate chain
 0 s:/CN=websocket.org
   i:/C=US/O=Let's Encrypt/CN=R3
 1 s:/C=US/O=Let's Encrypt/CN=R3
   i:/C=US/O=Internet Security Research Group/CN=ISRG Root X1
 2 s:/C=US/O=Internet Security Research Group/CN=ISRG Root X1
   i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISA+YsE2kLGzw6wgvSftCq4+JOMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMTA1MjQxOTM1MzRaFw0yMTA4MjIxOTM1MzRaMBgxFjAUBgNVBAMT
DXdlYnNvY2tldC5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1
4oXUJYaP9DoJ0gMoe3CLd49aoqoKvxSvP+VJ7ZVFXDjsG1ocXCyQFxmSvcM1IF6Y
qJKJEHnoztYNvDbUD0Mr3Y5xwxeQXUv3B05gik4w2F18/iQQRDaIlQ4WDDUN7VaO
sgxxsk9o2NBMqWu0fuzLWreJpXI+/q3/wTwekWybKnFFeH7DtDNDCgyjVc3Ev/Xy
Jqt0cn6g4+lYMs9As652aUzwLvLKlEizGlN4nObKtXL0e9UGPBkEBkTAKIPlBQoS
W0xkhW0sRhh9+mINNlrtINkyCtYQzSpF8Ye8rHThvCPoT+AzNtCqMsAXtg81dKAL
/m1R3/HaZADnlBhKXU+1AgMBAAGjggJZMIICVTAOBgNVHQ8BAf8EBAMCBaAwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O
BBYEFCqjryo437DlUGeOCGa/invUBuVuMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJ
QOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3Iz
Lm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcv
MCkGA1UdEQQiMCCCDyoud2Vic29ja2V0Lm9yZ4INd2Vic29ja2V0Lm9yZzBMBgNV
HSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpo
dHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisGAQQB1nkCBAIEgfUEgfIA
8AB3AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABeaAXBpYAAAQD
AEgwRgIhAPMeO7rzATtXB6U/+nbTHSDYS9mmZmy8oNa0OecCRNVkAiEA1SkPJX6I
w3+UjtI8McOKSXjoVS6QL7QtaDRMxDm0W10AdQD2XJQv0XcwIhRUGAgwlFaO400T
GTO/3wwvIAvMTvFk4wAAAXmgFwcJAAAEAwBGMEQCIC/Mm6/4C09aTpvpdg9bcJ+R
dn8H5a47q+k9IbDL0h/sAiB4zMDuivp8ohxf3B24w/gBmVy0V8JgTSHDWPbctnwq
8DANBgkqhkiG9w0BAQsFAAOCAQEAgEh0VR4F44La1CbCMstxPDE/aTvirg+odT+f
9U3SnsjDpBlifbOe/nby1EIHfwJ+h6sXCwsy9IupbNC8QkUO6Xb1eIstTxS/PhdV
i9URTqIqOXgRHWfPGzuYjeQQIlsS/B0ma7NWeAzyipfrFVSt3AGKMZDox+ohbAyA
Kqzbg193BrgBhNjtD4DpHbo2OXjcsXjneI6yNruQP8hwpucPb1E4pam3+h4zH6uv
qzeCo2EqimtRsWlGbcLpY0t40Hlpa5jaV6pOiJFGqqMkJtiThgB03ycGp0TpG65Q
DuXzWnD/cBQaSQ3kBu6KuYwTxftJNrCs0ANJLxjrhvC4r6Af/A==
-----END CERTIFICATE-----
subject=/CN=websocket.org
issuer=/C=US/O=Let's Encrypt/CN=R3
---
No client certificate CA names sent
---
SSL handshake has read 4200 bytes and written 565 bytes
---
New, TLSv1/SSLv3, Cipher is AES128-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : AES128-SHA
    Session-ID: 60FEF304384F3BCAE6078DDB72DA8971D69CC38DA1E633A4E73C14186E6A9560
    Session-ID-ctx: 
    Master-Key: B9B5D54AF6C26D70AB1FEB7D0A9216628DF18E519195409741228F55AB51449C13302652F045CD0DDBE505368C3EE6E2
    Start Time: 1627321097
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
---
DONE

I only get the following output:

...Connected to Wifi, Connecting to server.
Not Connected!

@ln-12
Copy link
Contributor

ln-12 commented Jul 26, 2021
edited
Loading

I̶ ̶a̶l̶s̶o̶ ̶t̶e̶s̶t̶e̶d̶ ̶t̶h̶e̶ ̶l̶a̶t̶e̶s̶t̶ ̶v̶e̶r̶s̶i̶o̶n̶ ̶[̶2̶.̶0̶.̶0̶ ̶R̶C̶1̶]̶(̶h̶t̶t̶p̶s̶:̶/̶/̶g̶i̶t̶h̶u̶b̶.̶c̶o̶m̶/̶e̶s̶p̶r̶e̶s̶s̶i̶f̶/̶a̶r̶d̶u̶i̶n̶o̶-̶e̶s̶p̶3̶2̶/̶r̶e̶l̶e̶a̶s̶e̶s̶/̶t̶a̶g̶/̶2̶.̶0̶.̶0̶-̶r̶c̶1̶)̶,̶ ̶b̶u̶t̶ ̶i̶t̶ ̶d̶o̶e̶s̶n̶'̶t̶ ̶w̶o̶r̶k̶ e̶i̶t̶h̶e̶r̶.̶ ̶T̶h̶e̶ ̶[̶W̶e̶b̶S̶o̶c̶k̶e̶t̶s̶2̶_̶G̶e̶n̶e̶r̶i̶c̶]̶(̶h̶t̶t̶p̶s̶:̶/̶/̶g̶i̶t̶h̶u̶b̶.̶c̶o̶m̶/̶k̶h̶o̶i̶h̶-̶p̶r̶o̶g̶/̶W̶e̶b̶S̶o̶c̶k̶e̶t̶s̶2̶_̶G̶e̶n̶e̶r̶i̶c̶)̶ ̶l̶i̶b̶r̶a̶r̶y̶ ̶i̶s̶ ̶a̶l̶s̶o̶ ̶n̶o̶t̶ ̶w̶o̶r̶k̶i̶n̶g̶ ̶f̶o̶r̶ ̶m̶e̶,̶ ̶s̶o̶ m̶a̶y̶b̶e̶ ̶i̶t̶ ̶h̶a̶s̶ ̶t̶o̶ ̶d̶o̶ ̶s̶o̶e̶m̶t̶h̶i̶n̶g̶ ̶w̶i̶t̶h̶ ̶t̶h̶e̶ ̶b̶o̶a̶r̶d̶ ̶r̶e̶v̶ ̶o̶r̶ ̶s̶o̶?̶

I finally found the answer thanks to this comment. I was using the first certificate, but the second was needed. Sorry, my bad.

The right command is:

$ openssl s_client -showcerts -connect websocket.org:443

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@gilmaimon gilmaimon

Labels
bug Something isn't working help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@JasXSL @LioRei @gilmaimon @doublep21 @ln-12 @khoih-prog