HTTPS connection on EC200A-AU

IoT Modules LTE Standard Module
1

My case.

I’m trying to connect my ESP32S3 to firebase using the EC200-AU module. As required by firebase’s real time database, I need to use a HTTPS connection in order to use REST to send crud requests.

What I tried.

I followd the HTTPS, SSL and FILE documents so I know that I need CACERT.PEM, CLIENTCERT.PEM and CLIENTKEY.PEM files in order to use https. I created those certificates with openssl and uploaded them to the module using qnavigator. Then I set up my ssl config. But everytime I make a get request to my url, i get “+CME ERROR: HTTP(S) socket connect error”.

Questions

  • Are my self signed certificates valid? Can I use openssl to generate them? If so, how should I do that?
  • What is the correct procedure to stablish the https tls 1.2 handshake?
  • Did I do something wrong or missed a step?

Logs:

  • ssl config
    CMD=AT+QICSGP=1,1,“WAP.GPRS.UNIFON.COM.AR”,“”,“”,1
    CMD=AT+QIACT=1
    CMD=AT+QIACT?
    CMD=AT+QSSLCFG=“sslversion”,1,3
    CMD=AT+QSSLCFG=“ciphersuite”,1,0XFFFF
    CMD=AT+QSSLCFG=“seclevel”,1,2
    CMD=AT+QSSLCFG=“cacert”,1,“UFS:cacert.pem”
    CMD=AT+QSSLCFG=“clientcert”,1,“UFS:clientcert.pem”
    CMD=AT+QSSLCFG=“clientkey”,1,“UFS:clientkey.pem”

  • GET REQUEST
    AT+QHTTPURL=URLLENGTH,80
    https://MYDATABASE-rtdb.firebaseio.com
    AT+QHTTPGET=80

2

Try to configure the following three instructions.
image

3

Hello. I tried that and still get the same error. I used postman with my certificates and I was able to make requests to my server. What else could be the problem? Should I modify the http headers?

4

Hi @Juan_Flores
What I gave you is just a case, the parameters in it need to be modified according to the current configuration of your module, which cannot be directly executed. According to the configuration of your AT instruction, the following instructions need to be executed:
AT+QSSLCFG=“ignoreinvalidcertsign”,1,1
AT+QSSLCFG=“ignoremulticertthainverify”,1,1
AT+QSSLCFG="sni“,1,1

5

Yes, I did modified it for my case but still, same response message.

6

Can you show me your request header?

7

I was able to make a get request to a json on the server!
How can I get my request headers?
In the documents says that AT+QHTTPCFG="requestheader"[<request_header>] should add headers but it doesn’t. I was able to add headers with AT+QHTTPCFG="reqheader/add",User-Agent,Quectel and remove them with AT+QHTTPCFG="reqheader/remove",User-Agent for example, but I don’t know how to get the current headers. Should I just reset the headers and rewrite them all before any request?

The ones I set to make the get request were:

User-Agent: Quectel
Accept: */*
Host: mydatabase-rtdb.firebaseio.com
Connection: keep-alive

I know that I also need to set Content-Type: application/json and Content-Length: legth to make a post request, for example.

8

You can use AT+QHTTPCFG=“contenttype”

ntent_type> ] The configuration is json.
image
If you don’t have any other special configuration you can configure AT+QHTTPCFG=“requestheader”,0 using QUECTEL’s default requestheader.

You can use POSTMAN to quickly group packages if you have to customize the request headers. The attachment has relevant operations for reference.

9

Ok, I will try that. Can you send me the files for the EC200A-AU? I only found the ones for the EC200U and some things are different. For example, in <content_type> it says:

  • 0 application/x-www-form-urlencoded
  • 1 text/plain
  • 2 application/octet-stream
  • 3 multipart/form-data

If you can, the SSL, HTTP and TCP IP files would be really helpful. Also, I do not know if there is a MQTT file for my modem.

10

The document you asked for has been sent to you, please check it