 Notice. New forum software under development. It's going to miss a few functions and look a bit ugly for a while, but I'm working on it full time now as the old forum was too unstable. Couple days, all good. If you notice any issues, please contact me. |
Forum Index : Microcontroller and PC projects : Question about HTTPS/TLS
| Author | Message | ||||
Doktorn Newbie  Joined: 09/07/2019 Location: SwedenPosts: 36 |
Hi all Has anyone used WebMite 2350 with the new HTTPS/TLS? I have tried to make an API request but can't get it to work. I only get 400 Bad Request. How should I format a REQUEST for the following web site? https://www.elprisetjustnu.se/api/v1/prices/2026/05-26_SE4.json The code below worked with the previous version 5.07.07RC3 of WebMite with TLS. Dim buff%(8192/8) Dim b$=”GET /api/v1/prices/2023/04-15_SE4.json” +Chr$(10)+Chr$(13) WEB open tls client Wwww.elprisetjustnu.se”,443 WEB tls CLIENT REQUEST b$,buff%(),10000 Pause 1000 WEB close tls client /Lasse |
||||
| matherp Guru  Joined: 11/12/2012 Location: United KingdomPosts: 11516 |
The old request was malformed but the previous TLS stack was lenient enough to let it through. The new mbedTLS path needs a proper HTTP/1.1 request — specifically a CRLF (not LF+CR), an HTTP/1.1 version token, a Host: header, and a blank line terminator. Note the b$ lines will need connecting together. Dim buff%(8192/8) Dim CRLF$ = Chr$(13) + Chr$(10) Dim b$ = "GET /api/v1/prices/2026/05-26_SE4.json HTTP/1.1" + CRLF$ + "Host: _ www.elprisetjustnu.se" + CRLF$ + "User-Agent: WebMite" + CRLF$ + "Accept: _ application/json" + CRLF$ + "Connection: close" + CRLF$ + CRLF$ WEB OPEN TLS CLIENT "www.elprisetjustnu.se", 443 WEB TCP CLIENT REQUEST b$, buff%(), 10000 LongString print buff%() Pause 1000 WEB CLOSE TCP CLIENT Key points vs. your original: CRLF order: HTTP requires \r\n (Chr$(13)+Chr$(10)), your code had them reversed. HTTP version: must include HTTP/1.1 after the path. Host header: mandatory in HTTP/1.1 and required by virtual-hosted servers like this one; without it you'll usually get a 400. Blank line: a request ends with an extra CRLF on its own. Connection: close: makes the server close after responding so your buffer/timeout behavior is predictable. Fixed the Wwww typo and the smart quotes (” → ") — those would also fail to compile as-is. |
||||
| Doktorn Newbie Joined: 09/07/2019 Location: SwedenPosts: 36 |
Peter I didn't copy the code, I typed it in, so the mistake was that I typed shift-w instead of shift-2. These keys are quite close to each other. I don’t know about the inverted \n\r, it worked at least with the old code. Now it works as expected, only get the Invalid JSON data. As you pointed out in the discussion last November ”The json listed doesn’t confirm to the norm” so I have to insert the needed part[1].name. Strange however because both MicroPython and Annex RDS decodes the same JSON without complains. Many thanks for the help. /Lasse |
||||
| Doktorn Newbie Joined: 09/07/2019 Location: SwedenPosts: 36 |
Peter, The first SITE$ works OK, switch to the second one gives Error : TLS client error -15 Dim buff%(16384/8) Const CRLF$ = Chr$(13)+Chr$(10) Const SITE$ = "www.elprisetjustnu.se" 'Const SITE$ = "se.elpris.eu" WEB NTP 2 idag$="20"+Mid$(Date$,9,2)+"/"+Mid$(Date$,4,2)+"-"+LEFT$(Date$,2) ' ' ------------ Build HTTP/1.1 Request ---------------------------- ' reg$ = "GET /api/v1/prices/"+idag$+"_SE4.json HTTP/1.1" + CRLF$ Cat reg$, "Host: " + site$ + CRLF$ Cat reg$, "User-Agent: WebMite" + CRLF$ Cat reg$, "Accept: application/json" + CRLF$ Cat reg$, "Connection: close" + CRLF$ + CRLF$ ' ' ----------- End Build HTTP/1.1 Request ------------------------- Print reg$ WEB open tls client SITE$ ,443 WEB tcp CLIENT REQUEST reg$,buff%(),10000 Pause 1000 WEB close tcp client /Lasse |
||||
| matherp Guru Joined: 11/12/2012 Location: United KingdomPosts: 11516 |
Have you tried RC16 or RC17? There is a enhancement to enable RSA encryption in these latest releases |
||||
| Doktorn Newbie Joined: 09/07/2019 Location: SwedenPosts: 36 |
Running WebMite MMBasic RP2350A Edition V6.03.00RC16 |
||||
| matherp Guru Joined: 11/12/2012 Location: United KingdomPosts: 11516 |
TLS client error -15 is lwIP's ERR_CLSD. For se.elpris.eu the cause is that PicoMite Web supported MBEDTLS_SHA512_C but not the separate MBEDTLS_SHA384_C that mbedtls 3.6.2 requires. Without SHA-384, the ecdsa-with-SHA384 OID descriptor is compiled out, so mbedtls can't even parse the site's SHA-384-signed ECDSA certificate — the handshake aborts before verification, and altcp reports it as -15. Now included PicoMite.zip |
||||
| Doktorn Newbie Joined: 09/07/2019 Location: SwedenPosts: 36 |
Thank you, much appreciated. The payload from "se.elpris.eu" is about ten times smaller. /Lasse |
||||
 Print this page |
 |
The Back Shed's forum code is written, and hosted, in Australia. | © JAQ Software 2026 |
