RobertByrnes
commented
5 months ago HI @weekroom First thing to try if you are sure about the cert is to place the cert directly in the main file without the PROGMEM directive. Does it work then?
Closed weekroom closed 4 months ago
RobertByrnes
commented
5 months ago HI @weekroom First thing to try if you are sure about the cert is to place the cert directly in the main file without the PROGMEM directive. Does it work then?
weekroom
commented
5 months ago @RobertByrnes sir,I tried to place it in the main file and removed PROGMEM directives such as const char root_ca[] = "Certificate parameters", But it still runs (-2). BIGNUM - An error occurred while reading from or writing to a file
RobertByrnes
commented
5 months ago @weekroom Please post your sanitised main.cpp file (or however it is named) and I'll take a look...cheers
weekroom
commented
5 months ago @RobertByrnes
#include <M5Atom.h>
#include "ATOM_DTU_NB.h"
#include <PubSubClient.h>
#include <TinyGsmClient.h>
#include <time.h>
#include <sys/time.h>
#include <SSLClient.h>
//#include "ca_cert.h"
#define MQTT_BROKER "a31klw4qph0psl-ats.iot.us-east-2.amazonaws.com" //onenet 的 地址
#define MQTT_PORT 8883 //端口号
#define UPLOAD_INTERVAL 10000
#define mqtt_devid "44a8c4fe642442f19c71ac54ec18d20d" //client id
const char root_ca[] =
"-----BEGIN CERTIFICATE-----\n"
"MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF\n"
"ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6\n"
"b24gUm9vdCBDQSAxMB4XDTE1MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTEL\n"
"MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv\n"
"b3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj\n"
"ca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM\n"
"9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw\n"
"vIFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6\n"
"VOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L\n"
"93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm\n"
"jgSubJrIqg0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC\n"
"AYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3DQEBCwUA\n"
"A4IBAQCY8jdaQZChGsV2USggNiMOruYou6r4lK5IpDB/G/wkjUu0yKGX9rbxenDI\n"
"U5PMCCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUs\n"
"N+gDS63pYaACbvXy8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vv\n"
"o/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU\n"
"5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy\n"
"rqXRfboQnoZsG4q5WTP468SQvvG5\n"
"-----END CERTIFICATE-----\n";
//Client Certificate (from Azure Iot Hub Device) - Get your own
const char client_cert_pem_start[] =
"-----BEGIN CERTIFICATE-----\n"
"MIIDWTCCAkGgAwIBAgIUeM9VMqlYN68Lk7Fsxhvoa+PZ4LcwDQYJKoZIhvcNAQEL\n"
"BQAwTTFLMEkGA1UECwxCQW1hem9uIFdlYiBTZXJ2aWNlcyBPPUFtYXpvbi5jb20g\n"
"SW5jLiBMPVNlYXR0bGUgU1Q9V2FzaGluZ3RvbiBDPVVTMB4XDTI0MDQxMDAxNTI0\n"
"NFoXDTQ5MTIzMTIzNTk1OVowHjEcMBoGA1UEAwwTQVdTIElvVCBDZXJ0aWZpY2F0\n"
"ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANbEEOthR8572jf/2LRN\n"
"0uxchpAOjJbP748D5/Gi/lTakequ70LQ5Yn5uGRRe5G+mruYBQU0DBP2WTRpFAWT\n"
"GR1iNVNFIbuRll/3wxj49KYD1JdR+uOoXdHK5suMGzQQrg8LPvCehX5pSs9VJqtV\n"
"hu6/q+m1fZdJpDnGAOSqx4wvCEGeEOkPoLqXQW2dOcqjMXO23XxlEVd9YdBggz7T\n"
"kdZ336wHTs3ptadMWwRAYcZ9rbARCcrRNnDVkNaNKBUVzInUpzKtbss0m2pYPnBR\n"
"tIfVaWkxBaB9SEK5mLC0f/Oqab4bam10J1SKaJpjm+xnaz0uzJHcuw4XyyvO0Fz7\n"
"O2MCAwEAAaNgMF4wHwYDVR0jBBgwFoAUOj3qq6zTGJ/pTxVbsHoMmwZdzoUwHQYD\n"
"VR0OBBYEFEpZho2Q1cy8m472htFE+55p4bhHMAwGA1UdEwEB/wQCMAAwDgYDVR0P\n"
"AQH/BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQCZ8iAPGOwtdWxRY6Jk3BTJtRWe\n"
"NGtL8uZ1T22BX5G9rq7Jl0Qphe6vPSmBMYVExOwtIliEItvsgIwSZ+iGZOLBLdra\n"
"wG1yKxbN+vq8RLNCxTeAYZBLzEzkvnm3S3w+ev0AXEXVlloO/L2VYx/clILZ79f8\n"
"Iy0VK5Ra9k0Owfo5LvzD7A7ISaVRKtwElkVo4JCqSHjZVsea5JfSrD3RLi4HI+oX\n"
"RdlnL7VmmAvtoUMD7U1VFmuI05mA9CopW/PetB/VCmyIpmAelpWEcgI3QLQAppbO\n"
"FYHef1zWEmxpmnL5+e8wfnfmxPjZTjJT6VLTZ0XZrcGdR1jolEgt2XPAgT2/\n"
"-----END CERTIFICATE-----";
//Client Key (from Azure Iot Hub Device) - Get your own
const char client_key_pem_start[] =
"-----BEGIN RSA PRIVATE KEY-----\n"
"MIIEpAIBAAKCAQEA1sQQ62FHznvaN//YtE3S7FyGkA6Mls/vjwPn8aL+VNqR6q7v\n"
"QtDlifm4ZFF7kb6au5gFBTQME/ZZNGkUBZMZHWI1U0Uhu5GWX/fDGPj0pgPUl1H6\n"
"46hd0crmy4wbNBCuDws+8J6FfmlKz1Umq1WG7r+r6bV9l0mkOcYA5KrHjC8IQZ4Q\n"
"6Q+gupdBbZ05yqMxc7bdfGURV31h0GCDPtOR1nffrAdOzem1p0xbBEBhxn2tsBEJ\n"
"ytE2cNWQ1o0oFRXMidSnMq1uyzSbalg+cFG0h9VpaTEFoH1IQrmYsLR/86ppvhtq\n"
"bXQnVIpommOb7GdrPS7Mkdy7DhfLK87QXPs7YwIDAQABAoIBAQDFNFAc8rzO22cr\n"
"WKCSH4v4QZXGHbX2nYTpm7qVZQeIvxKRnoRQpCTBpy4r365Jy+2lKBgkCQC2K9UJ\n"
"jRs3azT6iD1S8v3gj/S2tnjNK3zqHEZPlJV+ChHsHBYE/efUzSQm6DqpE8acpu5s\n"
"p1HUrboy7IldFqv2CUblTe1wC2kkTDT4QkzkweX+fg1scMQErcZPtL+qggQqwC7K\n"
"eVTA4b7u8GHMJu9MQ5BN8+94lsWYBZj2Nd6ZJhJGZn0p0VqpnWgLu88zOhABebma\n"
"YKn2VKlHEBlAlhFR26kV8VXTyHDhyoFA6TbBKGD9MEW9bCN29sLJbvZIVYW6yKiB\n"
"ySMiPQnRAoGBAOs9zqu2ShA73r39UAFo6eLYsbJOerpsR07KBt1UmUyiT+SPsaeU\n"
"GyDMi8aLxDZ3THDENqfsnBcozbFK2KBO9xFHY7Rr2NOwI+4yHlGMDBeTCc1Otp31\n"
"VifoiHNL50LBLcsbwo8NdfOSCaCeC295sPFCE5Zp4SN6qwHBf0Ok3QvvAoGBAOm3\n"
"tVawAerq12XuNkwoKuCbS+P+zIY4dGgT0Wcdpf34mAvejeCF0IkxJHV7YHLz3rJg\n"
"V6KPJ+24P86qE67ODswZyBntMCf+QgTcbms5YC+AM/6Fqn47et4Vn5uMpNtYOzao\n"
"xMrB0G/Ajs6dZQaMYXkjQ/vI/8/UgG9a8ClbGSPNAoGANAWWF7kXReHHj2JeeAFY\n"
"f7cGDPV4BJP/bPgWbonP4PegDV6Nng6NtUImwwCToqvdNq7dm2Mi3ahDXKq9ny33\n"
"S1XrQbH74Ex6lal1tPjwj6IPr9xxXBsuM2MkEcM+YC/STbFU5EfIxtWL1X497ygN\n"
"Lj07ka7Wf/8XpCrDVxU1YPcCgYA8os/mVLW6qAEITfxCV+1/5mqTFWkkrYLt+a5L\n"
"bXLCaHuyIKR4it8mqNxHqqHEUScG6l3yK+f1EedkC9YddRJ7u3ih2Vq0FZA1SKdR\n"
"JEqjKETVFQK9y1q+QafuKFghHEwIi1K7M/uK8s9aJZWvVD55uj+KFITh+8TynwpO\n"
"AHeORQKBgQC6cxbJYxGMcaOBAhidRyZIMz6CplMBT1FpP4UtSWK7NmVBEyTE7LDn\n"
"QSveTmvt9E6Ag+QcL4UxfV9wfxWJHXPl8DIZo13nYDyt3iflgc0qUrBeRPvPXgUG\n"
"cVxYYC3afV0QZJwcg3TzlSoohKnoTKtykxp7bF+AtWrgJoU0CggrsA==\n"
"-----END RSA PRIVATE KEY-----";
TinyGsm modem(SerialAT, ATOM_DTU_SIM7020_RESET);
TinyGsmClient tcpClient(modem);
SSLClient ssl_client(&tcpClient);
PubSubClient mqttClient(ssl_client);
void nbConnect(void);
// For read the MQTT events
void callback(char *topic, byte *payload, unsigned int length)
{
Serial.print("Message arrived [");
Serial.print(topic);
Serial.print("] ");
for (int i = 0; i < length; i++)
{
Serial.print((char)payload[i]);
}
Serial.println();
}
void log(String info) {
SerialMon.println(info);
}
// To connect to the broker
void reconnect()
{
// Loop until we're reconnected
while (!mqttClient.connected())
{
Serial.println("Attempting MQTT connection...");
// Attempt to connect
if (mqttClient.connect(mqtt_devid))
//if (client.connect(client_name))
{
Serial.println("-----------------------------------connected-----------------------");
// Once connected, publish an announcement...
// client.publish("outTopic", "hello world");
mqttClient.publish("devices/CHANGE_TO_DEVICE_NAME_AZURE_IOT_HUB/messages/events/","Test"); // Topic to publish telemetry
// ... and resubscribe
mqttClient.subscribe("$iothub/twin/PATCH/properties/desired/#"); //Topic to subscribe Device Twin
}
else
{
Serial.print("failed, rc=");
Serial.print(mqttClient.state());
Serial.println("...try again in 5 seconds");
delay(5000);
}
}
}
void setup() {
M5.begin(true, false, true);
Serial.println(">>ATOM DTU NB MQTT TEST");
SerialAT.begin(SIM7020_BAUDRATE, SERIAL_8N1, ATOM_DTU_SIM7020_RX,
ATOM_DTU_SIM7020_TX);
log("rootca_data:"+String(root_ca));
//log("certificate_data:"+String(certificate_data));
//log("privatekey_data:"+String(privatekey_data));
ssl_client.setCACert(root_ca);
ssl_client.setCertificate(client_cert_pem_start);
ssl_client.setPrivateKey(client_key_pem_start);
nbConnect();
mqttClient.setServer(MQTT_BROKER, MQTT_PORT);
mqttClient.setCallback(callback);
}
void loop() {
// We maintain connectivity with the broker
if (!mqttClient.connected())
{
reconnect();
}
// We are listening to the events
mqttClient.loop();
delay(15000);
}
void nbConnect(void) {
unsigned long start = millis();
log("Initializing modem...");
while (!modem.init()) {
log("waiting...." + String((millis() - start) / 1000) + "s");
};
start = millis();
log("Waiting for network...");
while (!modem.waitForNetwork()) {
log("waiting...." + String((millis() - start) / 1000) + "s");
}
log("success");
}
reusables-official
commented
5 months ago I am also seeing this same error about BIGNUM. I have tried with PROGMEM and without.
Occasionally, different errors are reported:
[196206][E][ssl__client.cpp:45] _handle_error(): [start_ssl_client():353]: (-29184) SSL - An invalid SSL record was received
Another example:
}[ 1567][E][ssl__client.cpp:382] init_tcp_connection(): Connection to server failed!
[ 1629][E][ssl__client.cpp:45] _handle_error(): [start_ssl_client():353]: (-2) BIGNUM - An error occurred while reading from or writing to a file
[ 1631][E][SSLClient.cpp:235] connect(): start_ssl_client failed: 0
[ 2631][E][ssl__client.cpp:45] _handle_error(): [start_ssl_client():353]: (-12) BIGNUM - The input argument for division is zero, which is not allowed
[ 2633][E][SSLClient.cpp:235] connect(): start_ssl_client failed: 0To my recollection, these are new as of a version update. I was using 1.1.7 when I set this routine up (SSL over LTE, SIMCOM 7600G-H) and it did work at the time.
RobertByrnes
commented
5 months ago Hi @weekroom other than ssl client recieving updates has anything else changed in your code?
If your code hasn't changed then this could be tested by changing the SSLClient version to 1.1.7 in your platformio.ini file (delete your .pio) directory and allow the packages to be reinstalled.
You can then dig into the .pio directory and find the library version in the library.json file for this library. This is just to confirm that 1.1.7 is installed.
If there is nothing or little changed in your code and you are correct the issue should dissapear! In which, case I can dig into the diff for that version increase.
If not then it's something else.....
weekroom
commented
5 months ago @RobertByrnes @reusables-official I used the library from 1.1.7 and found the library version in the library's library.json file. This is just to confirm that 1.1.7 is installed. But it still returned (-2) BIGNUM - An error occurred while reading from or writing to a file. I was wondering if the version of PubSubClient library was different from yours, which caused this situation. I want to know which PubSubClient library you are using, I am using knolleary/PubSubClient@^2.8
RobertByrnes
commented
5 months ago @weekroom @reusables-official HI both, working on something here around the loading of certs. I won't be able to test on sim7020 but will test on sim800/808 with ESP32, I will have to dig out my old aws account to test this out,
@weekroom unfortunately I cannot help just yet with the PubSubClient as I haven't been using one as have been doing https rather than mqtt for what I've been working on. But will try something with AWS MQTT broker and let you know how I get on....
weekroom
commented
5 months ago @RobertByrnes Thank you for your help. I also try to use SIMCOM 7600G and sim7680C for testing, to see if I can find out what the problem is
reusables-official
commented
5 months ago Thanks all! I can also test on a simcom 7600G-h if that's helpful at all.
RobertByrnes
commented
5 months ago @weekroom @reusables-official I finally had some time to put to this! ... and it took ... some time ...
So, I needed to use the feature to add a timeout for making the initial connection with AWS, once this was done I was able to get past the -2 BUGNUM error and onto the bug. The bug was that the perform_ssl_handshake function was making a solid connection and then relying upon the return value of get_record_expansion to pass on the good connection. If record_expansion was not avilaible or returned a minus something then this told the client the connection has failed when it hadn't. I am still not 💯 on why the get_record_expansion can do this but it is only something we need to check if need to know how many extra bytes the protocol will be adding (I think most of the time this is small enough to not be a worry).
If you would like to test this against your hardware add this line to your platformio.ini instead of the usual include for SSLClient and you will pulling in the branch with this fix in.
https://github.com/govorox/sslclient.git#71-2-bignum-an-error-occurred-while-reading-from-or-writing-to-a-file
I have added below, my main.cpp file (for arduinoesp32 in platformio) just to illustrate what I went round debug wise. Also, you can see where I set the certs I also set the timeout ssl_client.setTimeout(MQTT_TIMEOUT); - You will need this edit to your code as well.
Please try and let me know your results.
#include <Arduino.h>
#include "SSLClient.h"
#include <HttpClient.h>
#include <Wire.h>
#include <PubSubClient.h>
#include <time.h>
#include <sys/time.h>
#include "ca_cert.h"
// Configure the SIM800L modem
#define MODEM_UART_BAUD 115200
#define MODEM_RST 5
#define MODEM_PWRKEY 4
#define MODEM_POWER_ON 23
#define MODEM_TX 27
#define MODEM_RX 26
#define I2C_SDA 21
#define I2C_SCL 22
#define LED_PIN 13
#define IP5306_ADDR 0x75
#define IP5306_REG_SYS_CTL0 0x00
// Configure the serial console for debug and the modem
#define serialMonitor Serial // Set serial for debug console (to the Serial Monitor)
#define serialModem Serial1 // Set serial for AT commands (to the SIM800 module)
// Configure TinyGSM library
// #define TINY_GSM_SSL_CLIENT_AUTHENTICATION // Enable SSL client authentication
// #define TINY_GSM_DEBUG serialMonitor // Debug output for TinyGSM
#define TINY_GSM_MODEM_SIM800 // Modem is SIM800
#define TINY_GSM_RX_BUFFER 1024 // Set RX buffer to 1Kb
#include <TinyGsmClient.h>
// Configure the MQTT broker
#define MQTT_BROKER "your broker here.iot.eu-west-1.amazonaws.com"
#define MQTT_PORT 8883
#define MQTT_CLIENT_ID "your unique client id"
#define MQTT_TIMEOUT 15000 // Set timeout for SSL connection (in ms)
// Create the mqtt stack
TinyGsm modem(serialModem);
TinyGsmClient tcpClient(modem);
SSLClient ssl_client(&tcpClient);
PubSubClient mqttClient(ssl_client);
// Function prototypes
void nbConnect(void);
void callback(char *topic, byte *payload, unsigned int length);
void reconnect();
bool setupPMU();
void setupModem();
void setMQTTClientParams();
bool getIpAddress(const char* domain, char* ipAddress, size_t size);
// Arduino Env. Functions
void setup() {
serialMonitor.begin(115200);
delay(100);
if (!setupPMU()) {
serialMonitor.println("Setting board power management error");
}
// Set SIM module baud rate and UART pins
serialModem.begin(115200, SERIAL_8N1, MODEM_RX, MODEM_TX);
setupModem();
nbConnect();
// Set the MQTT client parameters
setMQTTClientParams();
mqttClient.setServer(MQTT_BROKER, MQTT_PORT);
mqttClient.setCallback(callback);
}
void loop() {
// We maintain connectivity with the broker
if (!mqttClient.connected()) {
reconnect();
}
// We are listening to the events
mqttClient.loop();
delay(10000);
}
/**
* @brief Set the MQTT client parameters.
* Sets the CA certificate, client certificate, and private key for the MQTT client.
* Sets the timeout for the SSL connection.
*/
void setMQTTClientParams(void) {
//log_i("root ca data: %s", root_ca);
//log_i("certificate_data: %s", certificate_data);
//log_i("privatekey_data: %s", privatekey_data);
ssl_client.setCACert(root_ca);
ssl_client.setCertificate(client_cert_pem);
ssl_client.setPrivateKey(client_private_key_pem);
ssl_client.setTimeout(MQTT_TIMEOUT);
}
/**
* @brief Connect to the network and wait for the network to be available.
*/
void nbConnect() {
unsigned long start = millis();
log_i("Initializing modem...");
while (!modem.init()) {
log_i("waiting....%s", String((millis() - start) / 1000).c_str());
};
start = millis();
log_i("Waiting for network...");
while (!modem.waitForNetwork()) {
log_i("waiting....%s", String((millis() - start) / 1000).c_str());
}
log_i("success");
}
/**
* @brief Callback function for the MQTT client.
*
* @param topic
* @param payload
* @param length
*/
void callback(char *topic, byte *payload, unsigned int length) {
Serial.print("Message arrived [");
Serial.print(topic);
Serial.print("] ");
for (int i = 0; i < length; i++) {
Serial.print((char)payload[i]);
}
Serial.println();
}
/**
* @brief Stay connected to the MQTT broker
*/
void reconnect() {
ssl_client.setCACert(root_ca);
ssl_client.setCertificate(client_cert_pem);
ssl_client.setPrivateKey(client_private_key_pem);
ssl_client.setTimeout(MQTT_TIMEOUT);
// Loop until we're reconnected
while (!mqttClient.connected()) {
Serial.println("Attempting MQTT connection...");
// Attempt to connect
if (mqttClient.connect(MQTT_CLIENT_ID)) {
Serial.println("-----------------------------------connected-----------------------");
mqttClient.subscribe("#");
} else {
Serial.print("failed, rc=");
Serial.print(mqttClient.state());
Serial.println("...try again in 5 seconds");
delay(5000);
}
}
}
/**
* @brief Setup the IP5306 PMU for the SIM800L board
* Power configuration for SIM800L_IP5306_VERSION_20190610 (v1.3) board
*
* @return true
* @return false
*/
bool setupPMU() {
bool en = true;
Wire.begin(I2C_SDA, I2C_SCL);
Wire.beginTransmission(IP5306_ADDR);
Wire.write(IP5306_REG_SYS_CTL0);
if (en) {
Wire.write(0x37);
} else {
Wire.write(0x35);
}
return Wire.endTransmission() == 0;
}
/**
* @brief Initialize the modem and connect to the network.
*
*/
void setupModem() {
pinMode(MODEM_RST, OUTPUT);
pinMode(MODEM_PWRKEY, OUTPUT);
pinMode(MODEM_POWER_ON, OUTPUT);
pinMode(LED_PIN, OUTPUT);
// Reset pin high
digitalWrite(MODEM_RST, HIGH);
// Turn on the Modem power first
digitalWrite(MODEM_POWER_ON, HIGH);
// Pull down PWRKEY for more than 1 second according to manual requirements
digitalWrite(MODEM_PWRKEY, HIGH);
delay(200);
digitalWrite(MODEM_PWRKEY, LOW);
delay(1200);
digitalWrite(MODEM_PWRKEY, HIGH);
// Initialize the indicator as an output
digitalWrite(LED_PIN, LOW);
// Initialize modem
serialMonitor.print("Initializing modem...");
if (!modem.init()) {
serialMonitor.print(" fail... restarting modem...");
setupModem();
// Restart takes quite some time
// Use modem.init() if you don't need the complete restart
if (!modem.restart()) {
serialMonitor.println(" fail... even after restart");
return;
}
}
serialMonitor.println(" OK");
// General information
String name = modem.getModemName();
Serial.println("Modem Name: " + name);
String modem_info = modem.getModemInfo();
Serial.println("Modem Info: " + modem_info);
// Wait for network availability
serialMonitor.print("Waiting for network...");
if (!modem.waitForNetwork(240000L)) {
serialMonitor.println(" fail");
delay(10000);
return;
}
serialMonitor.println(" OK");
// Connect to the GPRS network
serialMonitor.print("Connecting to network...");
if (!modem.isNetworkConnected()) {
serialMonitor.println(" fail");
delay(10000);
return;
}
serialMonitor.println(" OK");
// Connect to APN
serialMonitor.print(F("Connecting to APN: "));
serialMonitor.print("giffgaff.com");
if (!modem.gprsConnect("giffgaff.com", "gg", "p")) {
serialMonitor.println(" fail");
delay(10000);
return;
}
digitalWrite(LED_PIN, HIGH);
serialMonitor.println(" OK");
// More info..
Serial.println("");
String ccid = modem.getSimCCID();
Serial.println("CCID: " + ccid);
String imei = modem.getIMEI();
Serial.println("IMEI: " + imei);
String cop = modem.getOperator();
Serial.println("Operator: " + cop);
IPAddress local = modem.localIP();
Serial.println("Local IP: " + String(local));
int csq = modem.getSignalQuality();
Serial.println("Signal quality: " + String(csq));
// Check for IP address
modem.sendAT(GF("+CIFSR")); // Get local IP address
char ipAddress[32];
if (getIpAddress(MQTT_BROKER, ipAddress, sizeof(MQTT_BROKER))) {
Serial.print("IP Address for ");
Serial.print(MQTT_BROKER);
Serial.print(" is ");
Serial.println(ipAddress);
} else {
Serial.println("Failed to retrieve IP address");
}
// If successful, close the TCP connection and proceed
modem.sendAT(GF("+CIPCLOSE"));
modem.waitResponse();
serialMonitor.println("Modem initialized and server reachable.");
}
/**
* @brief Get the Ip Address object
*
* @param domain
* @param ipAddress
* @param size
* @return true
* @return false
*/
bool getIpAddress(const char* domain, char* ipAddress, size_t size) {
char cmd[64];
snprintf(cmd, sizeof(cmd), "+CDNSGIP=\"%s\"", domain);
modem.sendAT(cmd);
char response[128];
unsigned long start = millis();
bool gotResponse = false;
while (millis() - start < 10000L) {
if (modem.stream.available()) {
size_t len = modem.stream.readBytesUntil('\n', response, sizeof(response) - 1);
response[len] = '\0'; // Null-terminate the string
if (strstr(response, "+CDNSGIP:")) {
gotResponse = true;
break;
}
}
}
if (gotResponse) {
// Assuming the response format is +CDNSGIP: 1,"domain","IP1","IP2"
char* startChar = strchr(response, '"');
if (startChar != NULL) {
startChar = strchr(startChar + 1, '"');
if (startChar != NULL) {
startChar = strchr(startChar + 1, '"');
if (startChar != NULL) {
char* endChar = strchr(startChar + 1, '"');
if (endChar != NULL && endChar > startChar && (size_t)(endChar - startChar - 1) < size) {
strncpy(ipAddress, startChar + 1, endChar - startChar - 1);
ipAddress[endChar - startChar - 1] = '\0'; // Ensure null-termination
return true;
}
}
}
}
}
ipAddress[0] = '\0'; // Ensure the buffer is set to empty string if no IP found
return false;
}
@RobertByrnes Very glad to receive your letter, I will sslclient1.1.10 version of the code switching to offer you the branch code https://github.com/ARMmbed/mbedtls.git#71-2-bignum-an-error-occurred-while-reading-from -or-writing-to-a-file, in platform.ini I use lib_extra_dirs =./lib/SSLClient(the branch code you provided), but actually when I run the code, I still report the previous error. At first, I wondered if the ssl connection timeout setting was too short, so I tried to use 30 or 60 seconds, but it didn't work Here's my code
#include <M5Atom.h>
#include "ATOM_DTU_NB.h"
#include <PubSubClient.h>
#include <TinyGsmClient.h>
#include <time.h>
#include <sys/time.h>
#include <SSLClient.h>
#include "ca_cert.h"
#define MQTT_BROKER "a31klw4qph0psl-ats.iot.us-east-2.amazonaws.com"
#define MQTT_PORT 8883
#define UPLOAD_INTERVAL 10000
#define mqtt_devid "44a8c4fe642442f19c71ac54ec18d20d" //client id
#define MQTT_TIMEOUT 60000 // Set timeout for SSL connection (in ms)
TinyGsm modem(SerialAT, ATOM_DTU_SIM7020_RESET);
TinyGsmClient tcpClient(modem);
SSLClient ssl_client(&tcpClient);
PubSubClient mqttClient(ssl_client);
void nbConnect(void);
// For read the MQTT events
void callback(char *topic, byte *payload, unsigned int length)
{
Serial.print("Message arrived [");
Serial.print(topic);
Serial.print("] ");
for (int i = 0; i < length; i++)
{
Serial.print((char)payload[i]);
}
Serial.println();
}
void log(String info) {
SerialMon.println(info);
}
/**
* @brief Set the MQTT client parameters.
* Sets the CA certificate, client certificate, and private key for the MQTT client.
* Sets the timeout for the SSL connection.
*/
void setMQTTClientParams(void) {
//log_i("root ca data: %s", root_ca);
//log_i("certificate_data: %s", certificate_data);
//log_i("privatekey_data: %s", privatekey_data);
ssl_client.setCACert(root_ca);
ssl_client.setCertificate(client_cert_pem_start);
ssl_client.setPrivateKey(client_key_pem_start);
ssl_client.setTimeout(MQTT_TIMEOUT);
}
// To connect to the broker
void reconnect() {
ssl_client.setCACert(root_ca);
ssl_client.setCertificate(client_cert_pem_start);
ssl_client.setPrivateKey(client_key_pem_start);
ssl_client.setTimeout(MQTT_TIMEOUT);
// Loop until we're reconnected
while (!mqttClient.connected()) {
Serial.println("Attempting MQTT connection...");
// Attempt to connect
if (mqttClient.connect(mqtt_devid)) {
Serial.println("-----------------------------------connected-----------------------");
mqttClient.subscribe("#");
} else {
Serial.print("failed, rc=");
Serial.print(mqttClient.state());
Serial.println("...try again in 5 seconds");
delay(5000);
}
}
}
void setup() {
M5.begin(true, false, true);
Serial.println(">>ATOM DTU NB MQTT TEST");
SerialAT.begin(SIM7020_BAUDRATE, SERIAL_8N1, ATOM_DTU_SIM7020_RX,
ATOM_DTU_SIM7020_TX);
nbConnect();
// Set the MQTT client parameters
setMQTTClientParams();
mqttClient.setServer(MQTT_BROKER, MQTT_PORT);
mqttClient.setCallback(callback);
}
void loop() {
// We maintain connectivity with the broker
if (!mqttClient.connected())
{
reconnect();
}
// We are listening to the events
mqttClient.loop();
delay(30000);
}
void nbConnect(void) {
unsigned long start = millis();
log("Initializing modem...");
while (!modem.init()) {
log("waiting...." + String((millis() - start) / 1000) + "s");
};
start = millis();
log("Waiting for network...");
while (!modem.waitForNetwork()) {
log("waiting...." + String((millis() - start) / 1000) + "s");
}
log("success");
start = millis();
log("Waiting for isNetworkConnected...");
while (!modem.isNetworkConnected()) {
log("waiting...." + String((millis() - start) / 1000) + "s");
}
log("success");
//Example Query the IP address of a device
String ip = modem.getLocalIP();
log("Device IP address: " + ip);
log("success");
}Here is the return of my run error
[ 91613][V][SSLClient.cpp:404] read(): This is the iClient->read() implementation
Attempting MQTT connection...
[ 91613][V][SSLClient.cpp:404] read(): This is the iClient->read() implementation
[ 91619][V][SSLClient.cpp:404] read(): This is the iClient->read() implementation
[ 91626][V][SSLClient.cpp:168] connect(): connect with CA
[ 91631][V][SSLClient.cpp:226] connect(): Connecting to a31klw4qph0psl-ats.iot.us-east-2.amazonaws.com:8883
[ 91640][V][SSLClient.cpp:227] connect(): Timeout value: 60000
[ 91646][V][SSLClient.cpp:228] connect(): CA Certificate: Provided
[ 91652][V][SSLClient.cpp:229] connect(): Client Certificate: Provided
[ 91658][V][SSLClient.cpp:230] connect(): Private Key: Provided
[ 91664][V][SSLClient.cpp:234] connect(): Handshake timeout set to: 60000
[ 91670][V][ssl__client.cpp:302] start_ssl_client(): Free internal heap before TLS 329548
[ 91678][V][ssl__client.cpp:303] start_ssl_client(): Connecting to a31klw4qph0psl-ats.iot.us-east-2.amazonaws.com:8883
[ 91689][V][ssl__client.cpp:397] init_tcp_connection(): Client pointer: 0x3ffc1e78
[ 91781][E][ssl__client.cpp:400] init_tcp_connection(): Connection to server failed!
[ 91781][D][ssl__client.cpp:809] stop_ssl_socket(): Cleaning SSL connection.
[ 91784][D][ssl__client.cpp:813] stop_ssl_socket(): Stopping SSL client. Current client pointer address: 0x3ffc1e78
[ 91825][D][ssl__client.cpp:834] stop_ssl_socket(): Freeing SSL context. Current ssl_ctx address: 0x3ffb9d14
[ 91825][D][ssl__client.cpp:837] stop_ssl_socket(): Freeing SSL config. Current ssl_conf address: 0x3ffb9f34
[ 91833][D][ssl__client.cpp:840] stop_ssl_socket(): Freeing DRBG context. Current drbg_ctx address: 0x3ffba01c
[ 91843][D][ssl__client.cpp:843] stop_ssl_socket(): Freeing entropy context. Current entropy_ctx address: 0x3ffba06c
[ 91853][D][ssl__client.cpp:846] stop_ssl_socket(): Finished cleaning SSL connection.
[ 91861][D][ssl__client.cpp:254] cleanup(): Free internal heap after TLS 329548
[ 91868][E][ssl__client.cpp:46] _handle_error(): [start_ssl_client():371]: (-2) BIGNUM - An error occurred while reading from or writing to a file
[ 91881][V][SSLClient.cpp:239] connect(): Return value from start_ssl_client: 0
[ 91888][E][SSLClient.cpp:242] connect(): start_ssl_client failed: 0
[ 91894][D][SSLClient.cpp:97] stop(): Stopping ssl client
[ 91899][D][ssl__client.cpp:809] stop_ssl_socket(): Cleaning SSL connection.
[ 91906][D][ssl__client.cpp:813] stop_ssl_socket(): Stopping SSL client. Current client pointer address: 0x3ffc1e78
[ 91947][D][ssl__client.cpp:834] stop_ssl_socket(): Freeing SSL context. Current ssl_ctx address: 0x3ffb9d14
[ 91947][D][ssl__client.cpp:837] stop_ssl_socket(): Freeing SSL config. Current ssl_conf address: 0x3ffb9f34
[ 91955][D][ssl__client.cpp:840] stop_ssl_socket(): Freeing DRBG context. Current drbg_ctx address: 0x3ffba01c
[ 91965][D][ssl__client.cpp:843] stop_ssl_socket(): Freeing entropy context. Current entropy_ctx address: 0x3ffba06c
[ 91975][D][ssl__client.cpp:846] stop_ssl_socket(): Finished cleaning SSL connection.
failed, rc=-2...try again in 5 seconds
[ 96993][V][SSLClient.cpp:404] read(): This is the iClient->read() implementation
Attempting MQTT connection...This is the correct one!!
@weekroom @reusables-official
Apologies, I put the wrong one in my original message. I have edited now...
@weekroom odd that the timeout didn't stage get you past the connection. I would have thought the sim7000 series to be more capable than sim800. Please edit the library and try again. I'd start the timeout at 15000 for a first attempt
weekroom
commented
5 months ago @RobertByrnes I have already used this branchhttps://github.com/govorox/sslclient.git#71-2-bignum-an-error-occurred-while-reading-from-or-writing-to-a-file , Something else caught my eye [159379][V][sslclient.cpp:292] start_ssl_client(): Connecting to a31klw4qph0psl-ats.iot.us-east-2.amazonaws.com:8883 [159390][V][sslclient.cpp:379] init_tcp_connection(): Client pointer: 0x3ffc1e70 [159482][E][ssl__client.cpp:382] init_tcp_connection(): Connection to server failed!, I use the same code, but when I change the aws address to the azure address, I don't get a read or write file error, I just report a certificate error, and when I connect to aws it reports a read or write file error and says that the server port failed to connect.
RobertByrnes
commented
5 months ago Hi @weekroom The little bit of log you shared in your last message is the same as what I saw yesterday before I added the timeout. The code never made it past the init_tcp_connection function before failing means it called the underlying transport client TinyGsmClients connect function and was not able to make a connect. It didn't get anywhere near as far as doing an actual handshake. Once I added the timeout I was then able to get as far as the bug just after the handshake....
Here is the output from plugging in LillyGo T-Call ESP32 SIM800L with giffgaff sim card just a second ago - this is a good example to share as where I am right now has a poor and flaky signal causing an intermittent connection:
---- Opened the serial port COM5 ----
ets Jul 29 2019 12:21:46
rst:0x1 (POWERON_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
configsip: 0, SPIWP:0xee
clk_drv:0x00,q_drv:0x00,d_drv:0x00,cs0_drv:0x00,hd_drv:0x00,wp_drv:0x00
mode:DIO, clock div:2
load:0x3fff0030,len:1184
load:0x40078000,len:13232
load:0x40080400,len:3028
entry 0x400805e4
[ 141][I][esp32-hal-i2c.c:75] i2cInit(): Initialising I2C Master: sda=21 scl=22 freq=100000
Initializing modem... OK
Modem Name: SIMCOM SIM800L
Modem Info: SIM800 R14.18
Waiting for network... OK
Connecting to network... OK
Connecting to APN: giffgaff.com OK
CCID: SANITISED
IMEI: SANITISED
Operator: O2
Local IP: 4005466634
Signal quality: 7
IP Address for SANITISED-ats.iot.eu-west-1.amazonaws.com is 18.xxx.xxx.1x8
Modem initialized and server reachable.
[ 18098][I][main.cpp:107] nbConnect(): Initializing modem...
[ 18123][I][main.cpp:112] nbConnect(): Waiting for network...
[ 18129][I][main.cpp:116] nbConnect(): success
Attempting MQTT connection...
[ 51397][E][ssl__client.cpp:731] perform_ssl_handshake(): SSL handshake timeout
[ 51406][E][ssl__client.cpp:46] _handle_error(): [start_ssl_client():371]: (-1) ERROR - Generic error
[ 51407][E][SSLClient.cpp:242] connect(): start_ssl_client failed: 0
failed, rc=-2...try again in 5 seconds
Attempting MQTT connection...
[ 70429][E][ssl__client.cpp:400] init_tcp_connection(): Connection to server failed!
[ 70433][E][ssl__client.cpp:46] _handle_error(): [start_ssl_client():371]: (-2) BIGNUM - An error occurred while reading from or writing to a file
[ 70438][E][SSLClient.cpp:242] connect(): start_ssl_client failed: 0
failed, rc=-2...try again in 5 seconds
Attempting MQTT connection...
[ 89463][E][ssl__client.cpp:400] init_tcp_connection(): Connection to server failed!
[ 89468][E][ssl__client.cpp:46] _handle_error(): [start_ssl_client():371]: (-2) BIGNUM - An error occurred while reading from or writing to a file
[ 89472][E][SSLClient.cpp:242] connect(): start_ssl_client failed: 0
failed, rc=-2...try again in 5 seconds
Attempting MQTT connection...
[115964][I][SSLClient.cpp:248] connect(): SSL connection established
-----------------------------------connected-----------------------
Message arrived [production/hub/SANITISED] {"e":"rcp","p":SANITISED}
---- Closed serial port COM5 due to disconnection from the machine ----This is great because you can see:
First - Made the connection before timing out in perform_ssl_handshake due to poor / intermittent connection Second - Didn't even make it past init_tcp_connection and threw the -2 BIGNUM error Third - Same as second BIGNUM error Fourth - SSL connection established and control returned from ssl__client.cpp to SSLClient.cpp then the line shows an incoming message on the MQTT subscription....
You might add to your code the bit which uses HTTPS to check the server can be reached and pulls out the IP address, which is interesting as the AWS servers change IP Address often. Also, the output with the signal strength may be interesting to see.
| CSQ Value | RSSI (dBm) | Description |
|---|---|---|
| 0 | -113 dBm or less | No signal |
| 1-2 | -111 dBm to -109 dBm | Very poor signal |
| 3-9 | -107 dBm to -93 dBm | Poor signal |
| 10-14 | -91 dBm to -83 dBm | Fair signal |
| 15-19 | -81 dBm to -73 dBm | Good signal |
| 20-30 | -71 dBm to -53 dBm | Very good signal |
| 31 | -51 dBm or more | Excellent signal |
From the table above you can see that the signal strength shown by my log is for a poor signal....
weekroom
commented
4 months ago @RobertByrnes I added the return signal value and got the aws server ip in the actual running process, and although my signal was good, the connection process was still the same as before.
10:18:04.954 > rst:0x1 (POWERON_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
10:18:04.968 > configsip: 188777542, SPIWP:0xee
10:18:04.968 > clk_drv:0x00,q_drv:0x00,d_drv:0x00,cs0_drv:0x00,hd_drv:0x00,wp_drv:0x00
10:18:04.968 > mode:DIO, clock div:1
10:18:04.968 > load:0x3fff0030,len:1344
10:18:04.968 > load:0x40078000,len:13964
10:18:04.968 > load:0x40080400,len:3600
10:18:04.985 > entry 0x400805f0
10:18:05.210 > M5Atom initializing...OK
10:18:05.210 > >>ATOM DTU NB MQTT TEST
10:18:05.218 > Signal quality: 16
10:18:05.257 > IP Address for a31klw4qph0psl-ats.iot.us-east-2.amazonaws.com is 18.189.240.209
10:18:05.273 > Modem initialized and server reachable.
10:18:05.273 > Initializing modem...
10:18:05.273 > [ 133][E][esp32-hal-gpio.c:102] __pinMode(): Invalid pin selected
10:18:05.289 > E (116) gpio: gpio_set_level(227): GPIO output gpio_num error
10:18:05.568 > E (421) gpio: gpio_set_level(227): GPIO output gpio_num error
10:18:10.633 > Waiting for network...
10:18:10.633 > success
10:18:10.633 > Waiting for isNetworkConnected...
10:18:10.636 > success
10:18:10.636 > Device IP address: 100.29.26.194
10:18:10.663 > success
10:18:10.663 > Attempting MQTT connection...
10:18:10.738 > [ 5604][E][ssl__client.cpp:401] init_tcp_connection(): Connection to server failed, is the signal good, server available at this address and timeout sufficient? a31klw4qph0psl-ats.iot.us-east-2.amazonaws.com:8883
10:18:10.777 > [ 5643][E][ssl__client.cpp:46] _handle_error(): [start_ssl_client():371]: (-2) BIGNUM - An error occurred while reading from or writing to a file
10:18:10.791 > [ 5645][E][SSLClient.cpp:242] connect(): start_ssl_client failed: 0
10:18:10.824 > failed, rc=-2...try again in 5 seconds
10:18:25.817 > Attempting MQTT connection...
10:18:25.913 > [ 20775][E][ssl__client.cpp:401] init_tcp_connection(): Connection to server failed, is the signal good, server available at this address and timeout sufficient? a31klw4qph0psl-ats.iot.us-east-2.amazonaws.com:8883
10:18:25.945 > [ 20814][E][ssl__client.cpp:46] _handle_error(): [start_ssl_client():371]: (-2) BIGNUM - An error occurred while reading from or writing to a file
10:18:25.960 > [ 20815][E][SSLClient.cpp:242] connect(): start_ssl_client failed: 0
10:18:25.991 > failed, rc=-2...try again in 5 seconds
10:18:40.985 > Attempting MQTT connection...
10:18:41.081 > [ 35938][E][ssl__client.cpp:401] init_tcp_connection(): Connection to server failed, is the signal good, server available at this address and timeout sufficient? a31klw4qph0psl-ats.iot.us-east-2.amazonaws.com:8883
10:18:41.113 > [ 35977][E][ssl__client.cpp:46] _handle_error(): [start_ssl_client():371]: (-2) BIGNUM - An error occurred while reading from or writing to a file
10:18:41.129 > [ 35979][E][SSLClient.cpp:242] connect(): start_ssl_client failed: 0
10:18:41.160 > failed, rc=-2...try again in 5 seconds
10:18:56.168 > Attempting MQTT connection...
10:18:56.239 > [ 51110][E][ssl__client.cpp:401] init_tcp_connection(): Connection to server failed, is the signal good, server available at this address and timeout sufficient? a31klw4qph0psl-ats.iot.us-east-2.amazonaws.com:8883
10:18:56.271 > [ 51149][E][ssl__client.cpp:46] _handle_error(): [start_ssl_client():371]: (-2) BIGNUM - An error occurred while reading from or writing to a file
10:18:56.286 > [ 51151][E][SSLClient.cpp:242] connect(): start_ssl_client failed: 0
10:18:56.317 > failed, rc=-2...try again in 5 seconds
10:19:11.318 > Attempting MQTT connection...
10:19:11.417 > [ 66273][E][ssl__client.cpp:401] init_tcp_connection(): Connection to server failed, is the signal good, server available at this address and timeout sufficient? a31klw4qph0psl-ats.iot.us-east-2.amazonaws.com:8883
10:19:11.449 > [ 66312][E][ssl__client.cpp:46] _handle_error(): [start_ssl_client():371]: (-2) BIGNUM - An error occurred while reading from or writing to a file
10:19:11.465 > [ 66314][E][SSLClient.cpp:242] connect(): start_ssl_client failed: 0
10:19:11.468 > failed, rc=-2...try again in 5 secondsWhat is this bit in your log about?
10:18:05.273 > [ 133][E][esp32-hal-gpio.c:102] __pinMode(): Invalid pin selected
10:18:05.289 > E (116) gpio: gpio_set_level(227): GPIO output gpio_num error
10:18:05.568 > E (421) gpio: gpio_set_level(227): GPIO output gpio_num errorI am also wondering what is the TinyGsm rx buffer delcared as?
In my code it is here:
// Configure TinyGSM library
// #define TINY_GSM_SSL_CLIENT_AUTHENTICATION
// Enable SSL client authentication
// #define TINY_GSM_DEBUG serialMonitor
// Debug output for TinyGSM
#define TINY_GSM_MODEM_SIM800 // Modem is SIM800
#define TINY_GSM_RX_BUFFER 1024 // Set RX buffer to 1Kb
#include <TinyGsmClient.h>Is that handled in one of these files?
#include <M5Atom.h>
#include "ATOM_DTU_NB.h"@RobertByrnes hi,About GPIO output gpio_num error, this one is to RESET the reset module. My library requires this one, but my colleague did not draw out this pin on the board, I think it will not affect the later network operation.
TINY_GSM_RX_BUFFER 1024 // Set RX buffer to 1Kb one is added in my 7020.h file
#ifndef SRC_TINYGSMCLIENTSIM7020_H_
#define SRC_TINYGSMCLIENTSIM7020_H_
// #pragma message("TinyGSM: TinyGsmClientSIM7020")
#define TINY_GSM_DEBUG Serial
// #define TINY_GSM_USE_HEX
#ifdef __AVR__
#define TINY_GSM_RX_BUFFER 32
#else
#define TINY_GSM_RX_BUFFER 1024
#endifI have an idea whether it is the tcp/ip protocol problem under my 7020.h file, resulting in it not being able to access aws normally
reusables-official
commented
4 months ago Chiming in to say I have updated to 1.2.0 but still see intermittent occurrences of the BIGNUM error:
[346279][E][ssl__client.cpp:169] client_net_send(): Not connected!
[346279][E][ssl__client.cpp:46] _handle_error(): [send_ssl_data():900]: (-2) BIGNUM - An error occurred while reading from or writing to a file
[346287][E][SSLClient.cpp:384] write(): Error sending data to SSL connection. Stopping SSLClient...Intermittently, I also see this error:
[269581][E][ssl__client.cpp:46] _handle_error(): [start_ssl_client():371]: (-29184) SSL - An invalid SSL record was received
[269581][E][SSLClient.cpp:242] connect(): start_ssl_client failed: 0And then other times, using the same exact code, the request succeeds without issue. My setup:
HardwareSerial gsmSerial(1);
TinyGsm modem(gsmSerial);
TinyGsmClient gsmClient(modem, 0);
SSLClient secure_layer_lte(&gsmClient);
HttpClient lte_ssl_client = HttpClient(secure_layer_lte, API_HOST, PORT);
void lteInit() {
gsmSerial.begin(BAUD_RATE, SERIAL_8N1, LTE_RX, LTE_TX, false);
secure_layer_lte.setCACert(api_root_ca);
modem.init();
modem.setNetworkMode(38);
}int statusPing(HttpClient client) {
int err = client.get(API_ENDPOINTS.status);
if (err != 0) {
Serial.print("GET ping failed: ");
Serial.println(err);
} else {
Serial.println("Ping completed");
int status = client.responseStatusCode();
Serial.println("Ping reponse status: " + status);
String response = client.responseBody();
Serial.println("Ping response body: " + response);
}
client.stop();
return err == 0 ? 1 : 0;
}@RobertByrnes hi,About GPIO output gpio_num error, this one is to RESET the reset module. My library requires this one, but my colleague did not draw out this pin on the board, I think it will not affect the later network operation.
TINY_GSM_RX_BUFFER 1024 // Set RX buffer to 1Kb one is added in my 7020.h file #ifndef SRC_TINYGSMCLIENTSIM7020_H_ #define SRC_TINYGSMCLIENTSIM7020_H_ // #pragma message("TinyGSM: TinyGsmClientSIM7020") #define TINY_GSM_DEBUG Serial // #define TINY_GSM_USE_HEX #ifdef __AVR__ #define TINY_GSM_RX_BUFFER 32 #else #define TINY_GSM_RX_BUFFER 1024 #endifI have an idea whether it is the tcp/ip protocol problem under my 7020.h file, resulting in it not being able to access aws normally
Hi @weekroom I am of the same mind. An issue with the underlying client.
RobertByrnes
commented
4 months ago Chiming in to say I have updated to 1.2.0 but still see intermittent occurrences of the BIGNUM error:
[346279][E][ssl__client.cpp:169] client_net_send(): Not connected! [346279][E][ssl__client.cpp:46] _handle_error(): [send_ssl_data():900]: (-2) BIGNUM - An error occurred while reading from or writing to a file [346287][E][SSLClient.cpp:384] write(): Error sending data to SSL connection. Stopping SSLClient...Intermittently, I also see this error:
[269581][E][ssl__client.cpp:46] _handle_error(): [start_ssl_client():371]: (-29184) SSL - An invalid SSL record was received [269581][E][SSLClient.cpp:242] connect(): start_ssl_client failed: 0And then other times, using the same exact code, the request succeeds without issue. My setup:
HardwareSerial gsmSerial(1); TinyGsm modem(gsmSerial); TinyGsmClient gsmClient(modem, 0); SSLClient secure_layer_lte(&gsmClient); HttpClient lte_ssl_client = HttpClient(secure_layer_lte, API_HOST, PORT); void lteInit() { gsmSerial.begin(BAUD_RATE, SERIAL_8N1, LTE_RX, LTE_TX, false); secure_layer_lte.setCACert(api_root_ca); modem.init(); modem.setNetworkMode(38); }int statusPing(HttpClient client) { int err = client.get(API_ENDPOINTS.status); if (err != 0) { Serial.print("GET ping failed: "); Serial.println(err); } else { Serial.println("Ping completed"); int status = client.responseStatusCode(); Serial.println("Ping reponse status: " + status); String response = client.responseBody(); Serial.println("Ping response body: " + response); } client.stop(); return err == 0 ? 1 : 0; }
@reusables-official This is what I experienced with poorer signal. I think this flakeyness is due to a combination of factors based on hardware, TinyGsm modem and whatever TCP client is used whether is it TinyGsmClient, TinyGsmClientSecure or another one. I suspect it is down to memory limits requiring a longer period of stable connection to get the data from A to B. I'm sure those things could be made known and optimised with time amd a bunch of pull requests
reusables-official
commented
4 months ago Thanks for the input! Our signal strength is around 26, which is pretty decent, but the antenna is also in a fairly tight space so I will continue to monitor and see if exposing the antenna eliminates this flakiness.
From: Robert Byrnes @.> Sent: 08 May 2024 23:13 To: govorox/SSLClient @.> Cc: Reusables Technology @.>; Mention @.> Subject: Re: [govorox/SSLClient] (-2) BIGNUM - An error occurred while reading from or writing to a file (Issue #71)
Chiming in to say I have updated to 1.2.0 but still see intermittent occurrences of the BIGNUM error:
[346279][E][sslclient.cpp:169] client_net_send(): Not connected! [346279][E][sslclient.cpp:46] _handle_error(): [send_ssl_data():900]: (-2) BIGNUM - An error occurred while reading from or writing to a file [346287][E][SSLClient.cpp:384] write(): Error sending data to SSL connection. Stopping SSLClient...
Intermittently, I also see this error:
[269581][E][ssl__client.cpp:46] _handle_error(): [start_ssl_client():371]: (-29184) SSL - An invalid SSL record was received [269581][E][SSLClient.cpp:242] connect(): start_ssl_client failed: 0
And then other times, using the same exact code, the request succeeds without issue. My setup:
HardwareSerial gsmSerial(1); TinyGsm modem(gsmSerial); TinyGsmClient gsmClient(modem, 0);
SSLClient secure_layer_lte(&gsmClient); HttpClient lte_ssl_client = HttpClient(secure_layer_lte, API_HOST, PORT);
void lteInit() { gsmSerial.begin(BAUD_RATE, SERIAL_8N1, LTE_RX, LTE_TX, false); secure_layer_lte.setCACert(api_root_ca); modem.init(); modem.setNetworkMode(38); }
int statusPing(HttpClient client) { int err = client.get(API_ENDPOINTS.status); if (err != 0) { Serial.print("GET ping failed: "); Serial.println(err); } else { Serial.println("Ping completed"); int status = client.responseStatusCode(); Serial.println("Ping reponse status: " + status); String response = client.responseBody(); Serial.println("Ping response body: " + response); } client.stop(); return err == 0 ? 1 : 0; }
@reusables-officialhttps://github.com/reusables-official This is what I experienced with poorer signal. I think this flakeyness is due to a combination of factors based on hardware, TinyGsm modem and whatever TCP client is used whether is it TinyGsmClient, TinyGsmClientSecure or another one. I suspect it is down to memory limits requiring a longer period of stable connection to get the data from A to B. I'm sure those things could be made known and optimised with time amd a bunch of pull requests
— Reply to this email directly, view it on GitHubhttps://github.com/govorox/SSLClient/issues/71#issuecomment-2101489825, or unsubscribehttps://github.com/notifications/unsubscribe-auth/BEO57BJSKHBUQXWVL5JBFL3ZBKIO3AVCNFSM6AAAAABGSKWZDSVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCMBRGQ4DSOBSGU. You are receiving this because you were mentioned.Message ID: @.***>
weekroom
commented
4 months ago @RobertByrnes Sir, thank you for your help during this time. Your updated 1.2 version of the library is completely OK. In fact, there is indeed a problem with the AT instruction of the tcp/ip underlying protocol of 7020. I was able to connect completely with 7028.🍻🍻🍻
heydan98
commented
3 months ago Hello everyone, I just tried to use esp32 wroom 32u to send data to aws via sim7080G but got an error when connecting. Has anyone had the same problem as me and please let me know how I can fix it: 21:43:28.241 -> start to write the root CA, device certificate and device private key to the modem 21:43:29.268 -> INITFS SUCCESS 21:43:29.268 ->
21:43:29.699 -> Writing:1210 overage:0 21:43:29.699 -> Wirte done!!! 21:43:30.726 -> INITFS SUCCESS 21:43:30.726 ->
21:43:31.157 -> Writing:1225 overage:0 21:43:31.157 -> Wirte done!!! 21:43:32.185 -> INITFS SUCCESS 21:43:32.185 ->
21:43:32.749 -> Writing:1680 overage:0 21:43:32.749 -> Wirte done!!! 21:43:32.749 -> Step 8 done ! 21:43:32.749 -> ............................................................................Step 9 21:43:32.749 -> start to configure the TLS/SSL parameters 21:43:33.908 -> 21:43:33.908 -> +SMCONF:
21:43:33.908 -> CLIENTID: "Raspi"
21:43:33.908 -> URL: "a3rzyndk1wefwy.iot.us-west-2.amazonaws.com",8883
21:43:33.908 -> KEEPTIME: 60
21:43:33.908 -> USERNAME: ""
21:43:33.908 -> PASSWORD: ""
21:43:33.908 -> CLEANSS: 1
21:43:33.908 -> QOS: 0
21:43:33.908 -> TOPIC: ""
21:43:33.908 -> MESSAGE: ""
21:43:33.908 -> RETAIN: 0
21:43:33.908 -> SUBHEX: 0
21:43:33.908 -> ASYNCMODE: 0 21:43:33.908 -> 21:43:33.908 -> OK 21:43:33.908 -> 21:43:34.139 -> SSL with root CA and device certificate set up successfully! 21:43:34.173 -> 21:43:34.173 -> +SMSSL: 1,"rootCA.pem","deviceCert.crt" 21:43:34.173 -> 21:43:34.173 -> OK 21:43:34.173 -> 21:43:34.173 -> Step 9 done ! 21:43:34.173 -> ............................................................................Step 10 21:43:34.173 -> start to connect AWS IOT Core 21:43:34.173 -> Connecting to AWS IOT Core ... 21:44:34.164 -> [123226] ### Unhandled: +CNACT: 0,1,"9.96.39.174" 21:44:34.164 -> +CNACT: 1,0,"0.0.0.0" 21:44:34.197 -> +CNACT: 2,0,"0.0.0.0" 21:44:34.197 -> +CNACT: 3,0,"0.0.0.0" 21:44:34.197 -> 21:44:34.197 -> OK 21:44:34.197 -> No valid response, retrying connect ...
Hello, I am using sim7020 and esp32 to connect to AWS MQTT and I have used digitaldragon/SSLClient@1.1.10 for ssl encryption. However, in the running process, I found that the certificate file cannot be read normally. I also refer to other people's relevant Settings for the certificate, and the relevant format is correct, but I do not know why the file cannot be read normally. I have used mqttfx to verify that the certificate is valid and can normally connect to AWS. [ 6135][E][ssl__client.cpp:45] _handle_error(): [start_ssl_client():353]: (-2) BIGNUM - An error occurred while reading from or writing to a file This is my code
This is my certificate format
This is my log