Hello, how to establish SSL connect to Telegram service to send a message in group chat with bot? I used
AT+CIPSTART=“SSL”,“api.telegram.org”,443 but it says error.
When i send just AT+CIPSTART=“TCP”,“api.telegram.org”,443 it says CONNECT, but when i am trying to send data to server it says “400 The plain HTTP request was sent to HTTPS port”, I used AT+CIPSSLCCONF=2 also (1 and 0) - the same answer in both cases.

So, i would appreciate if you could show me the whole process - every step with AT commands how to connect via HTPPS of strong SSL connection (certificate, key exchange , cipher spec and so on)?

Thank you.

Dear Sergei,

Probably you need to update Root CA for your connection.
To do so, you should use AT+CASEND command.
Please refer to latest AT instruction guide below:

Thanks.

Dear Viktor, thank you for the answer. Could you please show the example - what AT commands needs to be sent in this case for strong SSL connection? Unfortunately, no exact answers in the latest AT instruction guide.

Hello,

I believe that below commands shall be enough for SSL connection:
AT+CIPSSLCCONF=2

Update Root CA using AT+CASEND=1.
These should be enough for your SSL connection using CIPSTART.

You may refer to this example https://wizfi.github.io/Document/docs/connect_to_cloud/standalone_aws_atcmd#connection-procedure

Hope, I could help.

Dear Viktor, thank you for the answer.

Yes, i exactly performed this set of commands, namely :
AT+CIPSSLCCONF=2
AT+CASEND=1
uploaded in the module the Root certificate taken from api.telegram.org web site
AT+CIPSTART=“SSL”,“api.telegram.org ”,443

The answer is Error

But exactly the same i tested yandex.ru web site with SSL connection. It connects.
What can be wrong with Telegram?
Some kind of problems with version TLSv1.2 or TLSv1.3 for module?

Thank you.

Hello,

It could be caused by mismatch of ciphers.
Currently WizFi360 supports following ciphers:
TLS-RSA-WITH-AES-256-GCM-SHA384
TLS-RSA-WITH-AES-256-CBC-SHA256
TLS-RSA-WITH-AES-256-CBC-SHA
TLS-RSA-WITH-AES-128-GCM-SHA256
TLS-RSA-WITH-AES-128-CBC-SHA256
TLS-RSA-WITH-AES-128-CBC-SHA.

I am not sure which ones are supported by telegram.org. But I think that’s the reason for connection error.

Dear Viktor, thank you for the answer!

We’d like to use WizFi360 in our projects to send messages directly from hardware. Is it possible to update your firmware in terms of SSL connection concerning Telegram service?

Here is some technichal information about Protocol: Detailed Description

As i know in module ESP8266 has already been realizaed SSL connection to Telegram service. There are many projects with it in Youtube .

Thank you.

Hello,

I will forward your request to developer’s team.
But it may take some time for development.

Dear Viktor, i’d like to update the information about problem with SSL connection to Telegram service.
There is online SSL Server Test SSL Server Test (Powered by Qualys SSL Labs) where all ciphers could be checked for any server.
It says that for Telegram it supports for TLSv1.2 only following

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384

Is there any possibility to update firmware for WizFi360 module with one of these ciphers?
Thanks.

Hello,

As I mentioned before, I forwarded your request to developers’ team, but it may take some time for this work to be done.

Thank you so much for updating your firmware. It works fine with Telegram now. I am testing it now.