WIZnet Developer Forum

Wizfi360 SSL broken

Under the latest firmware, 1.0.7.2, attempting to connect via SSL over sockets 0 or 1 always returns an error, irregardless of the CIPSSLCCONF set to 0 or 1. It doesn’t seem to even attempt a connection.

Under firmware version 1.0.2.5, which is the version I had previously, an SSL connection was only possibly over socket 0, and always returned an error when trying to use socket 1.

I’m trying to evaluate this module, and figured updating to the latest firmware revision may fix the previous issue described above, but it seems that SSL is completely broken. Open to any suggestions to try. Thanks,

Nick

Hello Nfvelado

Can you tell me how to test the SSL connection? (AT Commands, Domain and port)
I tested the SSL connection to our site www.wiznet.io.
that was normal.
Please refer to below picture.

Hi Mason,

Thanks for the quick reply. I believe there are actually two issues here. One, SSL does not work for anything other than CIPSSLCCONF set to 0, the other, is that the way I’m testing hitting my sandbox is using a not mutually supported cipher algorithm. When I try to connect to our production gateway, it connects. Also, the older firmware worked, so the ciper suite must have been updated for TLS, I’m guessing, which is why it fails for my sandbox. I’m not sure why it previously worked for socket 0 and not socket 1 though, but nonetheless, here’s what I’m seeing:

[27/07/20 - 13:40:08:548] AT+GMR
[27/07/20 - 13:40:08:569] AT version:1.0.7.2(Mar 9 2020 08:25:32)
[27/07/20 - 13:40:08:575] SDK version:3.2.0(a0ffff9f)
[27/07/20 - 13:40:08:577] compile time:Mar 9 2020 08:25:32
[27/07/20 - 13:40:08:577]
[27/07/20 - 13:40:08:577] OK
[27/07/20 - 13:40:16:808] AT+CWMODE_CUR=1
[27/07/20 - 13:40:16:808]
[27/07/20 - 13:40:16:808] OK
[27/07/20 - 13:40:25:094] AT+CIPMUX=1
[27/07/20 - 13:40:25:094]
[27/07/20 - 13:40:25:094] OK
[27/07/20 - 13:40:38:660] AT+CIPSSLCCONF?
[27/07/20 - 13:40:40:052] +CIPSSLCCONF:0
[27/07/20 - 13:40:40:052]
[27/07/20 - 13:40:40:052] OK
[27/07/20 - 13:41:30:011] AT+CWJAP_CUR=“xxxxxxx”,“xxxxxx”
[27/07/20 - 13:41:36:282] WIFI CONNECTED
[27/07/20 - 13:41:36:282] WIFI GOT IP
[27/07/20 - 13:41:36:282]
[27/07/20 - 13:41:36:282] OK
[27/07/20 - 13:42:22:018] AT+CIPSTART=1,“SSL”,“WWW.GOOGLE.COM”,443
[27/07/20 - 13:42:22:259] 1,CONNECT
[27/07/20 - 13:42:22:259]
[27/07/20 - 13:42:22:260] OK
[27/07/20 - 13:42:32:129] 1,CLOSED
[27/07/20 - 13:42:42:334] AT+CIPSSLCCONF=1
[27/07/20 - 13:42:42:334]
[27/07/20 - 13:42:42:335] OK
[27/07/20 - 13:43:00:763] AT+CIPSTART=1,“SSL”,“WWW.GOOGLE.COM”,443
[27/07/20 - 13:43:00:779]
[27/07/20 - 13:43:00:779] ERROR

Then, same for sslcconf set to 2 since the forum only lets new users type two urls.

Going to continue to test assuming that my sandbox setup is the issue and that we should be good when using the production server. Thanks,

Nick

Hello Nfvelado

Our AT+CIPSSLCCONF command operates as mbedtls_ssl_conf_authmode.

0 : MBEDTLS_SSL_VERIFY_NONE
1 : MBEDTLS_SSL_VERIFY_OPTIONAL
2 : MBEDTLS_SSL_VERIFY_REQUIRED

so if you want to use 1 or 2 option, you have to input ROOT CA of server.
You used the MBEDTLS_SSL_VERIFY_OPTIONAL but your module didn’t connect to google.
I think, That because your module didn’t have Root CA. so Error occurred at x509 parsing.

The WizFi360 can be input through AT+CASEND Command.
Please refer to our AT Command document’s page 44 through below link.

Thank you.

Hi Mason,

Thanks for confirming on this, that makes sense. We can close this one out.

Nick

Copyright © 2017 WIZnet Co., Ltd. All Rights Reserved.