
SSL, TLS, Mbed-TLS, 1.4.1, TCP client exercise with WIFI AT, Command, → Continues with HTTP(S), MQTT(S), and AWS IoT on this site.

 

 

TCP SSL/TLS Client Exercise

Let’s practice encrypted communication by applying SSL/TLS security right on top of the TCP Layer.

As background, see the TCP communication practice in § PC IoT/NET/TCP Exercise(SSL/TLS).

 

 

 

1.  TCP SSL/TLS Client Command Sequence

 

| No | Command Sequence | Response/Event | Description |
|---|---|---|---|
| 1 | AT+WJAP=EDWORKS2,edw12345\r | OK; +WEVNET:STATION_UP | Connect WIFI module to AP. Check the server IP address in advance. |
| 2 | AT+SSLCERTSET=0\r | > | Settings to enter CA Certificate. Response is “>”. |
|   | > Input Certificate/Upload File |  | Enter or file-upload the CA Certificate (refer to the picture below). |
|   | 1A |  | Send as the last character, HEX Value 1A. |
| 3 | AT+SSLCERTSET=1\r | > | Settings to enter Client Certificate. Response is “>”. |
|   | > Input Certificate/Upload File |  | Enter or file-upload the client’s Certificate (refer to the picture below). |
|   | 1A | OK | Send as the last character, HEX Value 1A. |
| 4 | AT+SSLCERTSET=2\r | > | Settings to enter Client Private Key. Response is “>”. |
|   | > Input Certificate/Upload File |  | Enter or file-upload the client’s private key (refer to the picture below). |
|   | 1A | OK | Send as the last character, HEX Value 1A. |
|   | AT+CIPEVENT=ON\r |  | Set TCP event notification to on. |
| 5 | AT+CIPSSLOPT=0,1,1\r | OK |  |
| 6 | AT+CIPSTART=0,ssl_client,192.168.0.2,20000\r | OK; +CIPEVENT:0,SERVER,CONNECTED | Connected to the server with ID=0. |
| 7 | AT+CIPSEND=0,10\r | > | Data transmission in command mode. |
|   | Hi, Server | > 12345; OK | Enter data to be transmitted (enter data within 0.5 seconds). |
|   | AT+CIPEVENT=OFF\r |  | Set TCP Event Notification Off. |
| 8 | AT+CIPSENDRAW\r | > | Data transmission in data mode (Data mode = Transparent mode). |
|   | > Hi, This is transparent mode data |  | Input data to be transmitted through serial port. |
|   | +++ | OK | Return to command mode (enter +++ within 0.5 seconds). |
| 9 | AT+CIPSTOP=0\r | OK; +CIPEVENT:0,SERVER,CLOSED | Close TCP socket, ID-0 connection. |

 

 

How to enter a certificate

When using Geshe Beacon, enter the certificate by the file upload method as shown below.

Don’t forget to add “1A” after entering the certificate.

When programming the host MCU directly, or entering the certificate with other serial communication software, copy the certificate text itself and send it as a string.
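For the host-MCU or serial-software case above, the upload framing from steps 2 to 4 (command, “>” prompt, PEM text, then HEX 1A) can be scripted, with a check that each slot receives the right kind of PEM object before anything is sent. This is an added example, not code from this site or the module vendor: `check_pem`, `upload` and `FakeModule` are hypothetical names, and the port object is assumed to offer `write()` and `read_until()` the way a pyserial port does.

```python
import re

CTRL_Z = b"\x1a"  # page: send HEX 1A as the last character of the upload
# Slot numbers from the table: 0 = CA cert, 1 = client cert, 2 = client key
SLOT_KIND = {0: "CERTIFICATE", 1: "CERTIFICATE", 2: "PRIVATE KEY"}
BEGIN = re.compile(rb"-----BEGIN ([A-Z0-9 ]+)-----")

def check_pem(slot, pem):
    """Reject input that would put the wrong kind of object into a slot."""
    kinds = [k.decode() for k in BEGIN.findall(pem)]
    if not kinds:
        raise ValueError("no PEM block found")
    for k in kinds:
        if not k.endswith(SLOT_KIND[slot]):
            raise ValueError(f"slot {slot} expects {SLOT_KIND[slot]}, got {k}")
        if f"-----END {k}-----".encode() not in pem:
            raise ValueError(f"truncated PEM: missing END {k}")
    if CTRL_Z in pem:
        raise ValueError("0x1A inside the PEM would end the upload early")

def upload(port, slot, pem):
    """Send one object; port needs write() and read_until() (assumption)."""
    check_pem(slot, pem)  # nothing is written if the check fails
    port.write(b"AT+SSLCERTSET=%d\r" % slot)
    if not port.read_until(b">").endswith(b">"):
        raise TimeoutError("no '>' prompt from the module")
    port.write(pem + CTRL_Z)
    return port.read_until(b"OK").endswith(b"OK")

class FakeModule:
    """Constructed stand-in for the WiFi module so the example runs offline."""
    def __init__(self):
        self.rx, self.reply = b"", b""
    def write(self, data):
        self.rx += data
        self.reply = b"\r\nOK" if data.endswith(CTRL_Z) else b"\r\n>"
    def read_until(self, expected):
        return self.reply

# Constructed sample objects (not real key material)
SAMPLE_CERT = b"-----BEGIN CERTIFICATE-----\nQUJDRA==\n-----END CERTIFICATE-----\n"
SAMPLE_KEY = b"-----BEGIN PRIVATE KEY-----\nRUZHSA==\n-----END PRIVATE KEY-----\n"

if __name__ == "__main__":
    dev = FakeModule()
    print(upload(dev, 0, SAMPLE_CERT), upload(dev, 2, SAMPLE_KEY))
    print(dev.rx)
```

The table shows no OK after the CA certificate upload (slot 0), so on real hardware treat a `False` return for that slot as "no OK seen" rather than as a failed upload.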

 

 

 

 

 

 

2.  Running a TCP SSL/TLS server

 

♦ Run a TCP server

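Start the server as follows using OpenSSL in the Windows command window.

→ OpenSSL/bin>openssl s_server -cert server.crt -key server.key -verify 1 -CAfile ca.crt -accept 443

or

→ OpenSSL/bin>openssl s_server -cert server.crt -key server.key -Verify 10 -CAfile ca.crt -accept 443

With lowercase -verify the server requests a client certificate but still accepts a client that sends none; with uppercase -Verify the handshake fails unless the client presents a certificate. The number after either option is the maximum certificate chain depth. The port given to -accept must be the port the client uses in AT+CIPSTART.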

 

 

 

 

 

 

3.  Check TCP SSL/TLS Communication Operation

 

♦ By executing No. 9 in the procedure, the client is normally connected to the TCP SSL/TLS server.

 

Data transfer (client → server): Result of executing command procedure No. 10

 

 

 

Data transmission (Server → Client): The server sends data to the client by inputting the following.

 

 

Data transmission (Server → Client): The data received from the TCP client is as follows.

 

 

♦ Let’s try sending and receiving data even in data mode (Transparent mode).

 

 

 
