Hi.
I know that question about 701 error & problem with seclevel > 0 was discussed many times? I tried what was proposed, but I can’t get device working.
In my case BG96 is a part of B gateway. I communicate with it through UART of main processor (Mtk). I can connect to our server ( get code 200) only in seclevel 0. Otherwise
+QHTTPGET: 701.
my steps:
- pickup ca cert from my Ubuntu. ( Amazon_Root_CA_2.crt )
- replace all /n with /r/n ( unix2dos ) → ca.pem
- test it with curl ( curl --cacert /home/vova/BT/TesT-LTE-4/ca.pem https://api.a-dev.cleverrpm.net/api/test/reading ) - it works
- put it into main proc ( scp ./ca.pem root@192.168.66.1:/etc/config/clever )
- upload certs: ca.pem, cl.pem, key.pm to module
“AT+QFUPL="$sert",$filesize,20”
check if they really there … “at+qflst\r\n”
6.prepare module:
“ate1\r\n”
“at+cgreg?\r\n”
“at+qnwinfo\r\n”
“at+qicsgp=2,1,"IP",$provider\r\n”
“at+qiact?\r\n”
“AT+qiact=2\r\n”
“AT+qiact?\r\n”
“AT+qhttpcfg="contextid",2\r\n”
“AT+qhttpcfg="requestheader",0\r\n”
“AT+qhttpcfg="responseheader",1\r\n”
“AT+qhttpcfg="sslctxid",1\r\n”
“AT+qsslcfg="sslversion",1,3\r\n”
“AT+qsslcfg="ciphersuite",1,0XC028\r\n” ( server has that cipher) (with 0xffff result the same)
“AT+qsslcfg="seclevel",1,1\r\n”
“AT+qsslcfg="cacert",1,"cacert.pem"\r\n”
“AT+qsslcfg="clientcert",1,"clientcert.pem"\r\n”
“AT+qsslcfg="clientkey",1,"clientkey.pem"\r\n”
“AT+qsslcfg="ignorelocaltime",1,1\r\n”
“AT+qsslcfg="negotiatetime",1,60\r\n”
“AT+qsslcfg="sni",1,0\r\n” ( no matter 0 or 1)
even test cacert presence :
“AT+qsslcfg="cacert",1\r\n”
+QSSLCFG: “cacert”,1,“UFS:cacert.pem”
??? when upload certs I specified file as carset.pem without UFS: is that correct ??
local url="https://g.a-dev.cle…
nurl=${#url}
“AT+qhttpurl=$nurl,10\r\n”
send url to module
check with “AT+QHTTPURL?\r\n”
and then
“AT+QHTTPGET=60\r\n”
always as a response I get +QHTTPGET: 701
All commands return OK.
BG firmware is R0207M1G
Any ideas?
Where is an error or what tests can be made to clarify situation ?