Forums - httpsvr init failed

3 posts / 0 new
or Register
Last post
httpsvr init failed
karanpandey844
Join Date: 1 May 20
Posts: 12
Posted: Fri, 2020-05-15 02:54
Top

Hi,

I am working on qca4020 with sdk 3.2. I have two 4020 board and i want one as secure httpsvr and other one as secure httpc and want to connect both client and server.

I have created a cert.bin file by following method as:

openssl genrsa -des3 -out server.key 4096
openssl req -new -key server.key -out server.csr
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
openssl rsa -in server.key -out server.key.insecure
mv server.key server.key.secure
mv server.key.insecure server.key
 
and created a cert.bin file by using command  ./SharkSSLParseCAList -b cert.bin server.crt
 
Now on server side:
 
enable
setdevice 1
connect SSID
Net> dhcpv4c wlan1 new
 
Net>
Net: DHCPv4c: IP=192.168.43.185  Subnet Mask=255.255.255.0  Gateway=192.168.43.119
 
Net> cert get cert.bin 192.168.43.197 -s cert.bin -t ca_list
 
Net: Successfully downloaded cert.bin
Net: Successfully stored CA list
Net: cert.bin is stored in NV memory
 
Net> httpsvr init v4 https -c cert.bin
 
Net: Failed to Init HTTP server
 
Net> httpsvr init v4 http_https -c cert.bin
 
Net: Failed to Init HTTP server
 
Net> httpsvr init v4 https -c cert.bin -p 80 -s 443
 
Net: Failed to Init HTTP server
 
while without cert.bin it works as expected.
 
Net> httpsvr init v4 http
 
Net>
 
 
 
On client side:
enable
setdevice 1
connect SSID
Net> dhcpv4c wlan1 new
 
Net>
Net: DHCPv4c: IP=192.168.43.185  Subnet Mask=255.255.255.0  Gateway=192.168.43.119
 
Net> cert get cert.bin 192.168.43.197 -s cert.bin -t ca_list
 
Net: Successfully downloaded cert.bin
Net: Successfully stored CA list
Net: cert.bin is stored in NV memory
 
Why on server side server init is getting failed with https and with cert.bin.

 

  • Up0
  • Down0
Re: httpsvr init failed
c_rpedad
Profile picture
Join Date: 18 Jun 18
Location: San Jose
Posts: 317
Posted: Fri, 2020-05-15 18:12
Top

Kindly use the certificate to create the HTTPServer instead of CA list and let us know if you still observe the issue.


> Net cert get raja.pem 192.168.188.22 -k raja.key -s cert.bin -t pem_cert
Net: Successfully downloaded raja.pem
Net: Successfully downloaded raja.key
Net: Successfully converted and stored certificate
Net: cert.bin is stored in NV memory

> Net httpsvr init v46 https -c cert.bin -p 8080 -s 443
> Net httpsvr start

> Net httpsvr
Net: HTTP server is running (IPv4 IPv6/HTTPS)
Net: HTTPS port: 1443
Net: Landing page: /index.iws  Root path: /web/
Net: TX bufsize: 2048  RX bufsize: 1024

 

  • Up0
  • Down0
Re: httpsvr init failed
karanpandey844
Join Date: 1 May 20
Posts: 12
Posted: Fri, 2020-05-15 22:47
Top

Hi raja,

Thanks for the reply,

I followed the below method to create the certificate :

  1. openssl genrsa -des3 -out cert.key 1024
  2. openssl req -new -key foo.key -out cert.pem -x509 -days 365
  3. mv foo.key cert.key.withpass
  4. openssl rsa -in cert.key.withpass -out cert.key
  5. openssl ecparam -name secp224r1 -genkey -noout -out cert.key
  6. openssl req -new -key cert.key -out cert.pem -x509 -days 365

in server module:

Net> cert get cert.pem 192.168.43.197 -k cert.key -s cert.bin -t pem_cert
 
Net: Successfully downloaded cert.pem
Net: Successfully downloaded cert.key
Net: Successfully converted and stored certificate
Net: cert.bin is stored in NV memory
 
Net> httpsvr init v46 https -c cert.bin -p 8080 -s 443
 
Net> httpsvr start
 
Net>
 
Now server is successfully started in Secure http mode.
 
In client side:
 
Net> cert get cert.pem 192.168.43.197 -s cert -t pem_ca_list
 
Net: Successfully downloaded cert.pem
Net: Successfully converted and stored CA list
Net: cert is stored in NV memory
 
Net> dnsc start
 
Net> sntpc start
Net> httpc start
 
Net> httpc new
 
Net: HTTP client created. <client num> = 1
Net: insecure  rxbuf:512  bodybuf:300  headerbuf:1024  timeout:50000ms
 
Net> httpc conn 1 192.168.43.26 443
 
Net: conn to 192.168.43.26:443 succeeded
 
Now My doubt is if server is running in secure mode with cert.bin file then how client can be connected in insecure mode as i am not providing cert file as httpc new -s -c cert.
 
 
 
 
  • Up0
  • Down0
or Register

Opinions expressed in the content posted here are the personal opinions of the original authors, and do not necessarily reflect those of Qualcomm Incorporated or its subsidiaries (“Qualcomm”). The content is provided for informational purposes only and is not meant to be an endorsement or representation by Qualcomm or any other party. This site may also provide links or references to non-Qualcomm sites and resources. Qualcomm makes no representations, warranties, or other commitments whatsoever about any non-Qualcomm sites or third-party resources that may be referenced, accessible from, or linked to this site.