HTTPS problem with MC60

Hi
I am working on mc60 and I am trying to connect to a https server.
I create my ca_cert.pem and private_key.pem and public_key.pem with open ssl and I also test the key and every things is ok but when I try to connect to a https server “https://www.google.com/” I get the error code:"+CME ERROR: 3815" what is the problem?
What is the “clientcert” ? Is it my “public_key.pem” or ?
I search for SSL it contain a “certificate” and a " public_key" and a “private_key”.What is the “clientcert” in HTTPS documentation?

AT

OK
AT+QIFGCNT=0

OK
AT+QICSGP=1,“mcinet”

OK
AT+QIREGAPP

OK
AT+QIACT

OK
AT+QILOCIP

21.25.13.78
AT+QSSLCFG=“sslversion”,1,4

OK
AT+QSSLCFG=“seclevel”,1,2

OK
AT+QSSLCFG=“ciphersuite”,1,“0XFFFF”

OK
AT+QSECWRITE=“RAM:ca_cert.pem”,1460,100

CONNECT

+QSECWRITE: 1460,a70

OK
AT+QSECWRITE=“RAM:client_cert.pem”,460,100

CONNECT

+QSECWRITE: 460,330e

OK
AT+QSECWRITE=“RAM:client_key.pem”,1884,100

CONNECT

+QSECWRITE: 1884,506f

OK
AT+QSSLCFG=“cacert”,1,“RAM:ca_cert.pem”

OK
AT+QSSLCFG=“clientcert”,1,“RAM:client_cert.pem”

OK
AT+QSSLCFG=“clientkey”,1,“RAM:client_key.pem”

OK
AT+QSSLCFG=“ignorertctime”,1

OK
AT+QSSLCFG=“https”,1

OK
AT+QSSLCFG=“httpsctxi”,1

OK
AT+QHTTPURL=24,60

CONNECT

OK
AT+QHTTPGET=10

+CME ERROR: 3815
AT+QHTTPGET=10

+CME ERROR: 3815
https://www.google.com/

ERROR
AT+QHTTPURL=24,60

CONNECT

OK
AT+QHTTPGET=60

+CME ERROR: 3815

Hi star333:
The clientcert means public_key.
The clientkey means private_key.
And please note that the URL length of “https://www.google.com/” is 23.
If it still doesn’t work you can try to connect without authentication：
AT+QSSLCFG=“seclevel”,1,0

thanks for your answere .
I test it.
I find a document on Quectel from the topic is " [MC60] Generate SSL certificate".
This topic consist a PDF on this pdf mention “Please copy ca.pl(attached in email)…” and “Copy openssl.cnf into demoCA folder” what is this file and why I need them ?and how I can find them ?
Thanks

It depends on the type of server you have.If your server is one-way authenticated or two-way authenticated,the module needs certificates when it connects to the server.For more details, please refer to the following documentation:
https://www.quectel.com/download/quectel_gsm_https_application_note_v3-3/

I test with AT+QSSLCFG=“seclevel”,1,0.
only work for “https://www.google.com/” for anothe site I get the error :

AT+QHTTPGET=60
+CME ERROR: 3829

If I dont uploade the “.pem” files it stil work for “https://www.google.com/” and for anothe site I get the +CME ERROR: 3829
I think somthins is wrong in my confog.
what I do ?
I generate my keys with open ssl and this commands:

openssl req -x509 -newkey rsa:2048 -days 365 -keyout privatekey.pem -out cert.pem
openssl rsa -in privatekey.pem -pubout -out publikkey.pem

And test my keys with this command :

openssl rsautl -encrypt -pubin -inkey publikkey.pem -in plaintext.txt -out encrypted.txt
openssl rsautl -decrypt -inkey privatekey.pem -in encrypted.txt -out plaintext.txt

My public and private key are OK what is the problem can you help me?

There are three types of HTTPS servers.
If your server is no authentication server, you do not need to upload the certificate.If your server is one-way authenticated and two-way authenticated, you need to upload the certificate.

How I can find https server type?
I can only open google and yahoo .

Hi，
If your server was purchased,you need to consult the seller which type of the server is.

Do you have any example with AT command and keys for test ? I dont know what is wrong ?

Hi，
Please refer to the examples in the documentation.You need to build your own server or purchase a server to test：

image1127×760 74.2 KB