Titus002 commented 5 months ago

I have an Issue with WSS. I am Trying to connect to an API for robotic lawn Mowers with an ESP 32. For that I made a get Request to an authentication API which provides me an authentication token. (His part works fine)

Now I need to use this Token to connect to the Websocket Sever via Websocket Secure, but this doesn't work. Here is the Documentation of the API:

I added Headers which are Requestet from the API and set the SSL certificate which I got with: openssl s_client -showcerts -connect wss://ws.openapi.husqvarna.dev/v1 Iam not getting an SSL ERROR the Websocket just doesn't connects, and getCloseReason gives me 1002. Maybe someone could help me, that would be awesome.

Here ist my Code: `#include

include

String provider; String token_type; String access_token;

AuthentificationApi authentificationApi(urlAuthentificationServer, rootCACertificateAuthentificationServer, applicationKey, applicationSecret);

using namespace websockets; WebsocketsClient client;

//Time set for HTTP void setClock(){ configTime(0, 0, "pool.ntp.org"); Serial.print(F("Waiting for NTP time sync: ")); time_t nowSecs = time(nullptr); while (nowSecs < 8 3600 2) { delay(500); Serial.print(F(".")); yield(); nowSecs = time(nullptr); } Serial.println(); struct tm timeinfo; gmtime_r(&nowSecs, &timeinfo); Serial.print(F("Current time: ")); Serial.print(asctime(&timeinfo)); }

// WiFi Connection void setup() { Serial.begin(115200); WiFi.begin(ssid, password); Serial.println("Connecting to WIFI: " + String(ssid)); while (WiFi.status() != WL_CONNECTED) { delay(500); Serial.print("."); } Serial.println(); Serial.println("WiFi connected"); }

void loop() { // get Data from Authentification API std::map<String, String> authentificationList = authentificationApi.getAuthentification(); Serial.println(authentificationList["accessToken"]); Serial.println(authentificationList["scope"]); Serial.println(authentificationList["expires_in"]); Serial.println(authentificationList["provider"]); Serial.println(authentificationList["user_id"]); Serial.println(authentificationList["token_type"]);

provider = authentificationList["provider"]; token_type =authentificationList["token_type"]; access_token = authentificationList["accessToken"];

client.setCACert(ssl_cert0); //set SSL certificate client.addHeader("Authorization: Bearer ", access_token); //set Headers so the API allows Connection client.addHeader("Authorization-Provider: ", "husqvarna"); client.addHeader("X-Api-Key: ", "xxxxx-xxx-xxxxxx"); bool connected = client.connect("wss://ws.openapi.husqvarna.dev/v1"); Serial.println(client.getCloseReason()); //get Close reason gives me 1002 if(client.available()){ Serial.println("Client is avalable"); }

if (connected) { Serial.println("Connected"); } else { Serial.println("Connection failed."); }

client.poll();

Serial.println("Waiting 1000000s before the next round..."); delay(1000000); }

`

mkrasselt1 commented 5 months ago

could you check that pull request #142 ?

JpEncausse commented 4 months ago

Hello, I got the same issue here :

[ 11748][E][WiFiClientSecure.cpp:144] connect(): start_ssl_client: -1
[ 11749][E][WiFiClient.cpp:313] setSocketOption(): fail on 0, errno: 9, "Bad file number"

#include <ArduinoWebsockets.h>
const char* websockets_server_string = "wss://path/to/server"; 

using namespace websockets;
WebsocketsClient client_ws;

unsigned long ws_t1 = 0;
void loopWebSocket(){

  if (client_ws.available()) { client_ws.poll(); }

  unsigned long ws_t0 = millis();
  if (ws_t0 - ws_t1 >= 3000) {
    ws_t1 = ws_t0;
    client_ws.send("Hello, world!");
  } 
}

void onMessageCallback(WebsocketsMessage message) {
    Serial.print("Got Message: ");
    Serial.println(message.data());
}

void onEventsCallback(WebsocketsEvent event, String data) {
    if(event == WebsocketsEvent::ConnectionOpened) {
        Serial.println("Connnection Opened");
    } else if(event == WebsocketsEvent::ConnectionClosed) {
        Serial.println("Connnection Closed");
    } else if(event == WebsocketsEvent::GotPing) {
        Serial.println("Got a Ping!");
    } else if(event == WebsocketsEvent::GotPong) {
        Serial.println("Got a Pong!");
    }
}

const char ssl_ca_cert[] PROGMEM = \
"-----BEGIN CERTIFICATE-----\n" \
"The real certificate"
"-----END CERTIFICATE-----\n";

void Helper::setupWebSocket(){
  delay(2000);

  // run callback when messages are received
  client_ws.onMessage(onMessageCallback);

  // run callback when events are occuring
  client_ws.onEvent(onEventsCallback);

  // Before connecting, set the ssl fingerprint of the server
  client_ws.setCACert(ssl_ca_cert);
  client_ws.setInsecure(); // Usefull ?

  bool connected = client_ws.connect(websockets_server_string);
  if (connected) {
      Serial.println("Connected!");
      client_ws.send("Hello Server");
  } else {
      Serial.println("Not Connected!");
  }
}

I don't know what to do ? I almost copy the code sample here. I also tested my server with another client and it works.

JpEncausse commented 4 months ago

If I remove the setInsecure() I got another error :

[  7620][E][ssl_client.cpp:37] _handle_error(): [start_ssl_client():273]: (-9984) X509 - Certificate verification failed, e.g. CRL, CA or signature check failed
[  7623][E][WiFiClientSecure.cpp:144] connect(): start_ssl_client: -9984
[  7630][E][WiFiClient.cpp:313] setSocketOption(): fail on 0, errno: 9, "Bad file number"

I validated my certificate online and it seems ok

JpEncausse commented 4 months ago

Find the answer !!!!! YES !!!! (months I got the issue) Here is the explanation : https://www.esp32.com/viewtopic.php?t=12083 And the Issue : https://github.com/espressif/arduino-esp32/issues/3155

In a nutshell the Certificate Generated by Let's Encrypt suck but it's parent works

gilmaimon / ArduinoWebsockets

Issue with WSS and ESP 32 #152

include

include

include

include

include

include

include

include

include

include