wizfi360 SSL connection to api.telegram.org ?

kazansergei · February 22, 2021, 12:14pm

Hello, how to establish SSL connect to Telegram service to send a message in group chat with bot? I used
AT+CIPSTART=“SSL”,“api.telegram.org”,443 but it says error.
When i send just AT+CIPSTART=“TCP”,“api.telegram.org”,443 it says CONNECT, but when i am trying to send data to server it says “400 The plain HTTP request was sent to HTTPS port”, I used AT+CIPSSLCCONF=2 also (1 and 0) - the same answer in both cases.

So, i would appreciate if you could show me the whole process - every step with AT commands how to connect via HTPPS of strong SSL connection (certificate, key exchange , cipher spec and so on)?

Thank you.

Viktor · February 22, 2021, 11:44pm

Dear Sergei,

Probably you need to update Root CA for your connection.
To do so, you should use AT+CASEND command.
Please refer to latest AT instruction guide below:

Thanks.

kazansergei · February 23, 2021, 7:50pm

Dear Viktor, thank you for the answer. Could you please show the example - what AT commands needs to be sent in this case for strong SSL connection? Unfortunately, no exact answers in the latest AT instruction guide.

Viktor · February 26, 2021, 4:50am

Hello,

I believe that below commands shall be enough for SSL connection:
AT+CIPSSLCCONF=2

Update Root CA using AT+CASEND=1.
These should be enough for your SSL connection using CIPSTART.

You may refer to this example https://wizfi.github.io/Document/docs/connect_to_cloud/standalone_aws_atcmd#connection-procedure

Hope, I could help.

kazansergei · February 26, 2021, 9:14pm

Dear Viktor, thank you for the answer.

Yes, i exactly performed this set of commands, namely :
AT+CIPSSLCCONF=2
AT+CASEND=1
uploaded in the module the Root certificate taken from api.telegram.org web site
AT+CIPSTART=“SSL”,“api.telegram.org ”,443

The answer is Error

But exactly the same i tested yandex.ru web site with SSL connection. It connects.
What can be wrong with Telegram?
Some kind of problems with version TLSv1.2 or TLSv1.3 for module?

Thank you.

Viktor · March 2, 2021, 5:55am

Hello,

It could be caused by mismatch of ciphers.
Currently WizFi360 supports following ciphers:
TLS-RSA-WITH-AES-256-GCM-SHA384
TLS-RSA-WITH-AES-256-CBC-SHA256
TLS-RSA-WITH-AES-256-CBC-SHA
TLS-RSA-WITH-AES-128-GCM-SHA256
TLS-RSA-WITH-AES-128-CBC-SHA256
TLS-RSA-WITH-AES-128-CBC-SHA.

I am not sure which ones are supported by telegram.org. But I think that’s the reason for connection error.

kazansergei · March 2, 2021, 9:10pm

Dear Viktor, thank you for the answer!

We’d like to use WizFi360 in our projects to send messages directly from hardware. Is it possible to update your firmware in terms of SSL connection concerning Telegram service?

Here is some technichal information about Protocol: Detailed Description

As i know in module ESP8266 has already been realizaed SSL connection to Telegram service. There are many projects with it in Youtube .

Thank you.

Viktor · March 4, 2021, 7:48am

Hello,

I will forward your request to developer’s team.
But it may take some time for development.