Open doublep21 opened 3 years ago
Hi!
I'm not actually sure, this might be a bug if you say it worked with earlier version of the esp libraries. Just to make sure I understand you, what do you mean by esperiff 3.1
?
Consider sharing the relevant parts of your code, and double checking your setup..
Gil.
on PlatformIO is called platform "Espressif 32" , 3.1 obviously is the version.
The code :
#include <ArduinoWebsockets.h>
#include <WiFi.h>
const char* websockets_server = "wss://192.168.0.4:81"; //server adress and port
unsigned int ConnectionTimeout = 5000;
extern String getValue(String data, char separator, int index);
extern String getIO();
extern String setIO(int pin,int status);
extern String getTemperature();
extern String setPWM(int pin,int freq,int res,int duty);
bool cc = false;
void connectws();
using namespace websockets;
WebsocketsClient client;
void onMessageCallback(WebsocketsMessage message) {
Serial.print("Got Message: ");
Serial.println(message.data());
String data = message.data();
if (data.charAt(0) == '/') {
if(data == "/gettemp"){
client.send(getTemperature());
}
if(data == "/getio"){
client.send("/io?object="+getIO());
}
if(getValue(data, '?', 0) == "/setio"){
if(getValue(getValue(getValue(data, '?', 1), '&', 0), '=', 0) == "pin"){
String pin = getValue(getValue(getValue(data, '?', 1), '&', 0), '=', 1);
String status = getValue(getValue(getValue(data, '?', 1), '&', 1), '=', 1);
client.send(setIO( pin.toInt() , status.toInt() ));
}
}
if(getValue(data, '?', 0) == "/setpwm"){
if(getValue(getValue(getValue(data, '?', 1), '&', 0), '=', 0) == "pin"){
String pin = getValue(getValue(getValue(data, '?', 1), '&', 0), '=', 1);
String freq = getValue(getValue(getValue(data, '?', 1), '&', 1), '=', 1);
String res = getValue(getValue(getValue(data, '?', 1), '&', 2), '=', 1);
String duty = getValue(getValue(getValue(data, '?', 1), '&', 3), '=', 1);
client.send(setPWM( pin.toInt() , freq.toInt(), res.toInt(), duty.toInt() ));
}
}
}
}
void onEventsCallback(WebsocketsEvent event, String data) {
if(event == WebsocketsEvent::ConnectionOpened) {
Serial.println("Connnection Opened");
} else if(event == WebsocketsEvent::ConnectionClosed) {
Serial.println("Connnection Closed");
} else if(event == WebsocketsEvent::GotPing) {
Serial.println("Got a Ping!");
} else if(event == WebsocketsEvent::GotPong) {
Serial.print(millis());
Serial.println(": Got a Pong!");
cc = true;
}
}
void wsSetup(){
// Setup Callbacks
client.onMessage(onMessageCallback);
client.onEvent(onEventsCallback);
connectws();
}
void connectws(){
// Connect to server
// Before connecting, set the ssl fingerprint of the server
// client.setCACert(ssl_ca_cert);
bool connected = client.connect(websockets_server);
if(connected) {
Serial.println("Connected!");
client.send("/login?ESP="+WiFi.macAddress()+"&auth="+"*"+"&HasTempSensor=1"+"&IsIO=1");
cc = true;
} else {
cc = false;
Serial.println("Not Connected!");
}
}
void connectionCheck(){
//client.send("ping");
client.ping();
cc = false;
}
unsigned long startmillis = millis();
String s;
void wsloop(){
if (startmillis + ConnectionTimeout < millis()){
startmillis = startmillis + ConnectionTimeout;
if(!cc){
connectws();
}
connectionCheck();
}
client.poll();
if (Serial.available() > 0) {
s = Serial.readString();
client.send(s);
}
}
I have the same issue, I used the Secured-Esp32-Client.ino example. Replaced client.setCACert(echo_org_ssl_ca_cert);
with client.setInsecure();
. And it doesn't work on Arduino ESP32 1.0.5 (released on the 23rd Feb), but does work on 1.0.4.
Hi @doublep21, thanks for opening this issue and including your code.
I suspect that the issue with your code is this commented line:
// client.setCACert(ssl_ca_cert);
You must provide some kind of certificate for the server you are connecting to (if it is done using SSL [wss]). Insecure connection might be unsupported for newer versions of the framework, as @JasXSL mentioned. This could be a nice feature to add (to remove the setInsecture()
method if framework version is new enough and platform is esp32), but other than that, there isn't much the library can do (unless they added some explicit feature for insecure connection in the new platform code)
Gil.
So the new ESP version is blocking the setInsecure method?
If you're using wss://echo.websocket.org
, update your CA Cert as follows:
// This certificate was updated 15.04.2021, issues on Mar 15th 2021, expired on June 13th 2021
const char echo_org_ssl_ca_cert[] PROGMEM = \
"-----BEGIN CERTIFICATE-----\n" \
"MIIEZTCCA02gAwIBAgIQQAF1BIMUpMghjISpDBbN3zANBgkqhkiG9w0BAQsFADA/\n" \
"MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT\n" \
"DkRTVCBSb290IENBIFgzMB4XDTIwMTAwNzE5MjE0MFoXDTIxMDkyOTE5MjE0MFow\n" \
"MjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxCzAJBgNVBAMT\n" \
"AlIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwIVKMz2oJTTDxLs\n" \
"jVWSw/iC8ZmmekKIp10mqrUrucVMsa+Oa/l1yKPXD0eUFFU1V4yeqKI5GfWCPEKp\n" \
"Tm71O8Mu243AsFzzWTjn7c9p8FoLG77AlCQlh/o3cbMT5xys4Zvv2+Q7RVJFlqnB\n" \
"U840yFLuta7tj95gcOKlVKu2bQ6XpUA0ayvTvGbrZjR8+muLj1cpmfgwF126cm/7\n" \
"gcWt0oZYPRfH5wm78Sv3htzB2nFd1EbjzK0lwYi8YGd1ZrPxGPeiXOZT/zqItkel\n" \
"/xMY6pgJdz+dU/nPAeX1pnAXFK9jpP+Zs5Od3FOnBv5IhR2haa4ldbsTzFID9e1R\n" \
"oYvbFQIDAQABo4IBaDCCAWQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8E\n" \
"BAMCAYYwSwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5p\n" \
"ZGVudHJ1c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTE\n" \
"p7Gkeyxx+tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEE\n" \
"AYLfEwEBATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2Vu\n" \
"Y3J5cHQub3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0\n" \
"LmNvbS9EU1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYf\n" \
"r52LFMLGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B\n" \
"AQsFAAOCAQEA2UzgyfWEiDcx27sT4rP8i2tiEmxYt0l+PAK3qB8oYevO4C5z70kH\n" \
"ejWEHx2taPDY/laBL21/WKZuNTYQHHPD5b1tXgHXbnL7KqC401dk5VvCadTQsvd8\n" \
"S8MXjohyc9z9/G2948kLjmE6Flh9dDYrVYA9x2O+hEPGOaEOa1eePynBgPayvUfL\n" \
"qjBstzLhWVQLGAkXXmNs+5ZnPBxzDJOLxhF2JIbeQAcH5H0tZrUlo5ZYyOqA7s9p\n" \
"O5b85o3AM/OJ+CktFBQtfvBhcJVd9wvlwPsk+uyOy2HI7mNxKKgsBTt375teA2Tw\n" \
"UdHkhVNcsAKX1H7GNNLOEADksd86wuoXvg==\n" \
"-----END CERTIFICATE-----\n";
This is the terminal output when using new SSL Cert
Starting WebSockets Secured-ESP32-Client on ESP32_DEV
...
Connected to Wifi, Connecting to WebSockets Server @wss://echo.websocket.org/
Connnection Opened
Connected!
Got Message: Hello to Server from ESP32_DEV
Got a Pong!
Got Message: Hello Server
Got a Pong!
Please also check the solved issue in Secured-Esp32-Client Example not works on NodeMcu32s (Esp32s) #16
If you're using
wss://echo.websocket.org
, update your CA Cert as follows:// This certificate was updated 15.04.2021, issues on Mar 15th 2021, expired on June 13th 2021 const char echo_org_ssl_ca_cert[] PROGMEM = \ "-----BEGIN CERTIFICATE-----\n" \ "MIIEZTCCA02gAwIBAgIQQAF1BIMUpMghjISpDBbN3zANBgkqhkiG9w0BAQsFADA/\n" \ "MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT\n" \ "DkRTVCBSb290IENBIFgzMB4XDTIwMTAwNzE5MjE0MFoXDTIxMDkyOTE5MjE0MFow\n" \ "MjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxCzAJBgNVBAMT\n" \ "AlIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwIVKMz2oJTTDxLs\n" \ "jVWSw/iC8ZmmekKIp10mqrUrucVMsa+Oa/l1yKPXD0eUFFU1V4yeqKI5GfWCPEKp\n" \ "Tm71O8Mu243AsFzzWTjn7c9p8FoLG77AlCQlh/o3cbMT5xys4Zvv2+Q7RVJFlqnB\n" \ "U840yFLuta7tj95gcOKlVKu2bQ6XpUA0ayvTvGbrZjR8+muLj1cpmfgwF126cm/7\n" \ "gcWt0oZYPRfH5wm78Sv3htzB2nFd1EbjzK0lwYi8YGd1ZrPxGPeiXOZT/zqItkel\n" \ "/xMY6pgJdz+dU/nPAeX1pnAXFK9jpP+Zs5Od3FOnBv5IhR2haa4ldbsTzFID9e1R\n" \ "oYvbFQIDAQABo4IBaDCCAWQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8E\n" \ "BAMCAYYwSwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5p\n" \ "ZGVudHJ1c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTE\n" \ "p7Gkeyxx+tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEE\n" \ "AYLfEwEBATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2Vu\n" \ "Y3J5cHQub3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0\n" \ "LmNvbS9EU1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYf\n" \ "r52LFMLGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B\n" \ "AQsFAAOCAQEA2UzgyfWEiDcx27sT4rP8i2tiEmxYt0l+PAK3qB8oYevO4C5z70kH\n" \ "ejWEHx2taPDY/laBL21/WKZuNTYQHHPD5b1tXgHXbnL7KqC401dk5VvCadTQsvd8\n" \ "S8MXjohyc9z9/G2948kLjmE6Flh9dDYrVYA9x2O+hEPGOaEOa1eePynBgPayvUfL\n" \ "qjBstzLhWVQLGAkXXmNs+5ZnPBxzDJOLxhF2JIbeQAcH5H0tZrUlo5ZYyOqA7s9p\n" \ "O5b85o3AM/OJ+CktFBQtfvBhcJVd9wvlwPsk+uyOy2HI7mNxKKgsBTt375teA2Tw\n" \ "UdHkhVNcsAKX1H7GNNLOEADksd86wuoXvg==\n" \ "-----END CERTIFICATE-----\n";
This is the terminal output when using new SSL Cert
Starting WebSockets Secured-ESP32-Client on ESP32_DEV ... Connected to Wifi, Connecting to WebSockets Server @wss://echo.websocket.org/ Connnection Opened Connected! Got Message: Hello to Server from ESP32_DEV Got a Pong! Got Message: Hello Server Got a Pong!
Please also check the solved issue in Secured-Esp32-Client Example not works on NodeMcu32s (Esp32s) #16
Awesome! Do you like to open a PR and change the certificate in the example? I can do it myself, but I think you should get the credit.
I've created a PR for the lib WebSockets2_Generic wich solve this problem => https://github.com/khoih-prog/WebSockets2_Generic/pull/18 like the lib is based on this lib, the porting of it is really easy. Do you want me to create a PR for this for your lib ?
I can also not connect to a secured websocket using the following code:
#include <ArduinoWebsockets.h>
#include <WiFi.h>
const char* ssid = "XXX"; //Enter SSID
const char* password = "XXX"; //Enter Password
const char* websockets_connection_string = "wss://echo.websocket.org/"; //Enter server adress
const char echo_org_ssl_ca_cert[] PROGMEM = \
"-----BEGIN CERTIFICATE-----\n" \
"MIIFMTCCBBmgAwIBAgISA+YsE2kLGzw6wgvSftCq4+JOMA0GCSqGSIb3DQEBCwUA\n" \
"MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD\n" \
"EwJSMzAeFw0yMTA1MjQxOTM1MzRaFw0yMTA4MjIxOTM1MzRaMBgxFjAUBgNVBAMT\n" \
"DXdlYnNvY2tldC5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1\n" \
"4oXUJYaP9DoJ0gMoe3CLd49aoqoKvxSvP+VJ7ZVFXDjsG1ocXCyQFxmSvcM1IF6Y\n" \
"qJKJEHnoztYNvDbUD0Mr3Y5xwxeQXUv3B05gik4w2F18/iQQRDaIlQ4WDDUN7VaO\n" \
"sgxxsk9o2NBMqWu0fuzLWreJpXI+/q3/wTwekWybKnFFeH7DtDNDCgyjVc3Ev/Xy\n" \
"Jqt0cn6g4+lYMs9As652aUzwLvLKlEizGlN4nObKtXL0e9UGPBkEBkTAKIPlBQoS\n" \
"W0xkhW0sRhh9+mINNlrtINkyCtYQzSpF8Ye8rHThvCPoT+AzNtCqMsAXtg81dKAL\n" \
"/m1R3/HaZADnlBhKXU+1AgMBAAGjggJZMIICVTAOBgNVHQ8BAf8EBAMCBaAwHQYD\n" \
"VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O\n" \
"BBYEFCqjryo437DlUGeOCGa/invUBuVuMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJ\n" \
"QOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3Iz\n" \
"Lm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcv\n" \
"MCkGA1UdEQQiMCCCDyoud2Vic29ja2V0Lm9yZ4INd2Vic29ja2V0Lm9yZzBMBgNV\n" \
"HSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpo\n" \
"dHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisGAQQB1nkCBAIEgfUEgfIA\n" \
"8AB3AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABeaAXBpYAAAQD\n" \
"AEgwRgIhAPMeO7rzATtXB6U/+nbTHSDYS9mmZmy8oNa0OecCRNVkAiEA1SkPJX6I\n" \
"w3+UjtI8McOKSXjoVS6QL7QtaDRMxDm0W10AdQD2XJQv0XcwIhRUGAgwlFaO400T\n" \
"GTO/3wwvIAvMTvFk4wAAAXmgFwcJAAAEAwBGMEQCIC/Mm6/4C09aTpvpdg9bcJ+R\n" \
"dn8H5a47q+k9IbDL0h/sAiB4zMDuivp8ohxf3B24w/gBmVy0V8JgTSHDWPbctnwq\n" \
"8DANBgkqhkiG9w0BAQsFAAOCAQEAgEh0VR4F44La1CbCMstxPDE/aTvirg+odT+f\n" \
"9U3SnsjDpBlifbOe/nby1EIHfwJ+h6sXCwsy9IupbNC8QkUO6Xb1eIstTxS/PhdV\n" \
"i9URTqIqOXgRHWfPGzuYjeQQIlsS/B0ma7NWeAzyipfrFVSt3AGKMZDox+ohbAyA\n" \
"Kqzbg193BrgBhNjtD4DpHbo2OXjcsXjneI6yNruQP8hwpucPb1E4pam3+h4zH6uv\n" \
"qzeCo2EqimtRsWlGbcLpY0t40Hlpa5jaV6pOiJFGqqMkJtiThgB03ycGp0TpG65Q\n" \
"DuXzWnD/cBQaSQ3kBu6KuYwTxftJNrCs0ANJLxjrhvC4r6Af/A==\n" \
"-----END CERTIFICATE-----\n";
using namespace websockets;
void onMessageCallback(WebsocketsMessage message) {
Serial.print("Got Message: ");
Serial.println(message.data());
}
void onEventsCallback(WebsocketsEvent event, String data) {
if(event == WebsocketsEvent::ConnectionOpened) {
Serial.println("Connnection Opened");
} else if(event == WebsocketsEvent::ConnectionClosed) {
Serial.println("Connnection Closed");
} else if(event == WebsocketsEvent::GotPing) {
Serial.println("Got a Ping!");
} else if(event == WebsocketsEvent::GotPong) {
Serial.println("Got a Pong!");
}
}
WebsocketsClient client;
void setup() {
Serial.begin(115200);
WiFi.begin(ssid, password);
// Wait some time to connect to wifi
for(int i = 0; i < 10 && WiFi.status() != WL_CONNECTED; i++) {
Serial.print(".");
delay(1000);
}
// Check if connected to wifi
if(WiFi.status() != WL_CONNECTED) {
Serial.println("No Wifi!");
return;
}
client.setCACert(echo_org_ssl_ca_cert);
Serial.println("Connected to Wifi, Connecting to server.");
// try to connect to Websockets server
bool connected = client.connect(websockets_connection_string);
if(connected) {
Serial.println("Connected!");
client.send("Hello Server");
} else {
Serial.println("Not Connected!");
}
// run callback when messages are received
client.onMessage([&](WebsocketsMessage message){
Serial.print("Got Message: ");
Serial.println(message.data());
});
}
void loop() {
// let the websockets client check for incoming messages
if(client.available()) {
client.poll();
}
delay(500);
}
I downloaded the current certificate from the website:
echo | openssl s_client -servername echo.websocket.org -connect echo.websocket.org:443
CONNECTED(00000005)
depth=3 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R3
verify return:1
depth=0 CN = websocket.org
verify return:1
---
Certificate chain
0 s:/CN=websocket.org
i:/C=US/O=Let's Encrypt/CN=R3
1 s:/C=US/O=Let's Encrypt/CN=R3
i:/C=US/O=Internet Security Research Group/CN=ISRG Root X1
2 s:/C=US/O=Internet Security Research Group/CN=ISRG Root X1
i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISA+YsE2kLGzw6wgvSftCq4+JOMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMTA1MjQxOTM1MzRaFw0yMTA4MjIxOTM1MzRaMBgxFjAUBgNVBAMT
DXdlYnNvY2tldC5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1
4oXUJYaP9DoJ0gMoe3CLd49aoqoKvxSvP+VJ7ZVFXDjsG1ocXCyQFxmSvcM1IF6Y
qJKJEHnoztYNvDbUD0Mr3Y5xwxeQXUv3B05gik4w2F18/iQQRDaIlQ4WDDUN7VaO
sgxxsk9o2NBMqWu0fuzLWreJpXI+/q3/wTwekWybKnFFeH7DtDNDCgyjVc3Ev/Xy
Jqt0cn6g4+lYMs9As652aUzwLvLKlEizGlN4nObKtXL0e9UGPBkEBkTAKIPlBQoS
W0xkhW0sRhh9+mINNlrtINkyCtYQzSpF8Ye8rHThvCPoT+AzNtCqMsAXtg81dKAL
/m1R3/HaZADnlBhKXU+1AgMBAAGjggJZMIICVTAOBgNVHQ8BAf8EBAMCBaAwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O
BBYEFCqjryo437DlUGeOCGa/invUBuVuMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJ
QOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3Iz
Lm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcv
MCkGA1UdEQQiMCCCDyoud2Vic29ja2V0Lm9yZ4INd2Vic29ja2V0Lm9yZzBMBgNV
HSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpo
dHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisGAQQB1nkCBAIEgfUEgfIA
8AB3AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABeaAXBpYAAAQD
AEgwRgIhAPMeO7rzATtXB6U/+nbTHSDYS9mmZmy8oNa0OecCRNVkAiEA1SkPJX6I
w3+UjtI8McOKSXjoVS6QL7QtaDRMxDm0W10AdQD2XJQv0XcwIhRUGAgwlFaO400T
GTO/3wwvIAvMTvFk4wAAAXmgFwcJAAAEAwBGMEQCIC/Mm6/4C09aTpvpdg9bcJ+R
dn8H5a47q+k9IbDL0h/sAiB4zMDuivp8ohxf3B24w/gBmVy0V8JgTSHDWPbctnwq
8DANBgkqhkiG9w0BAQsFAAOCAQEAgEh0VR4F44La1CbCMstxPDE/aTvirg+odT+f
9U3SnsjDpBlifbOe/nby1EIHfwJ+h6sXCwsy9IupbNC8QkUO6Xb1eIstTxS/PhdV
i9URTqIqOXgRHWfPGzuYjeQQIlsS/B0ma7NWeAzyipfrFVSt3AGKMZDox+ohbAyA
Kqzbg193BrgBhNjtD4DpHbo2OXjcsXjneI6yNruQP8hwpucPb1E4pam3+h4zH6uv
qzeCo2EqimtRsWlGbcLpY0t40Hlpa5jaV6pOiJFGqqMkJtiThgB03ycGp0TpG65Q
DuXzWnD/cBQaSQ3kBu6KuYwTxftJNrCs0ANJLxjrhvC4r6Af/A==
-----END CERTIFICATE-----
subject=/CN=websocket.org
issuer=/C=US/O=Let's Encrypt/CN=R3
---
No client certificate CA names sent
---
SSL handshake has read 4200 bytes and written 565 bytes
---
New, TLSv1/SSLv3, Cipher is AES128-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : AES128-SHA
Session-ID: 60FEF304384F3BCAE6078DDB72DA8971D69CC38DA1E633A4E73C14186E6A9560
Session-ID-ctx:
Master-Key: B9B5D54AF6C26D70AB1FEB7D0A9216628DF18E519195409741228F55AB51449C13302652F045CD0DDBE505368C3EE6E2
Start Time: 1627321097
Timeout : 7200 (sec)
Verify return code: 0 (ok)
---
DONE
I only get the following output:
...Connected to Wifi, Connecting to server.
Not Connected!
I̶ ̶a̶l̶s̶o̶ ̶t̶e̶s̶t̶e̶d̶ ̶t̶h̶e̶ ̶l̶a̶t̶e̶s̶t̶ ̶v̶e̶r̶s̶i̶o̶n̶ ̶[̶2̶.̶0̶.̶0̶ ̶R̶C̶1̶]̶(̶h̶t̶t̶p̶s̶:̶/̶/̶g̶i̶t̶h̶u̶b̶.̶c̶o̶m̶/̶e̶s̶p̶r̶e̶s̶s̶i̶f̶/̶a̶r̶d̶u̶i̶n̶o̶-̶e̶s̶p̶3̶2̶/̶r̶e̶l̶e̶a̶s̶e̶s̶/̶t̶a̶g̶/̶2̶.̶0̶.̶0̶-̶r̶c̶1̶)̶,̶ ̶b̶u̶t̶ ̶i̶t̶ ̶d̶o̶e̶s̶n̶'̶t̶ ̶w̶o̶r̶k̶ e̶i̶t̶h̶e̶r̶.̶ ̶T̶h̶e̶ ̶[̶W̶e̶b̶S̶o̶c̶k̶e̶t̶s̶2̶̶G̶e̶n̶e̶r̶i̶c̶]̶(̶h̶t̶t̶p̶s̶:̶/̶/̶g̶i̶t̶h̶u̶b̶.̶c̶o̶m̶/̶k̶h̶o̶i̶h̶-̶p̶r̶o̶g̶/̶W̶e̶b̶S̶o̶c̶k̶e̶t̶s̶2̶̶G̶e̶n̶e̶r̶i̶c̶)̶ ̶l̶i̶b̶r̶a̶r̶y̶ ̶i̶s̶ ̶a̶l̶s̶o̶ ̶n̶o̶t̶ ̶w̶o̶r̶k̶i̶n̶g̶ ̶f̶o̶r̶ ̶m̶e̶,̶ ̶s̶o̶ m̶a̶y̶b̶e̶ ̶i̶t̶ ̶h̶a̶s̶ ̶t̶o̶ ̶d̶o̶ ̶s̶o̶e̶m̶t̶h̶i̶n̶g̶ ̶w̶i̶t̶h̶ ̶t̶h̶e̶ ̶b̶o̶a̶r̶d̶ ̶r̶e̶v̶ ̶o̶r̶ ̶s̶o̶?̶
I finally found the answer thanks to this comment. I was using the first certificate, but the second was needed. Sorry, my bad.
The right command is:
$ openssl s_client -showcerts -connect websocket.org:443
unable to connect to wss with esp32 after porting all project to a new pc , i think is a new version of something the issue . i don't have a ca certificate in the code , before was working fine without.
[V][ssl_client.cpp:265] stop_ssl_socket(): Cleaning SSL connection. [V][ssl_client.cpp:265] stop_ssl_socket(): Cleaning SSL connection. [V][ssl_client.cpp:59] start_ssl_client(): Free internal heap before TLS 257808 [E][WiFiClientSecure.cpp:127] connect(): start_ssl_client: -1 [V][ssl_client.cpp:265] stop_ssl_socket(): Cleaning SSL connection. [E][WiFiClient.cpp:309] setOption(): fail on fd -1, errno: 9, "Bad file number"
with esperiff 2.0 works fine qith esperiff 3.1 do not work is this a bug?