Very unstable SSL with SIM7000E

[cezarg1410]

[x ] I have read the Troubleshooting section of the ReadMe

What type of issues is this?

[ ] Request to support a new module

[ ] Bug or problem compiling the library [x ] Bug or issue with library functionality (ie, sending data over TCP/IP) [ ] Question or request for help

What are you working with?

Modem: SimCom 7000E Main processor board: ESP32 TinyGSM version:Latest

#include "SSLClient.h"
#include "certs.h"
#include <HardwareSerial.h>

#define GSM_RX 27
#define GSM_TX 14

#define TEENSY_RX 16
#define TEENSY_TX 17

#define MODEM_PWRKEY 25

// Select your modem:
#define TINY_GSM_MODEM_SIM7000
//#define CONFIG_MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH 1024
#define TINY_GSM_RX_BUFFER 1024

#include <TinyGsmClient.h>
#include <ArduinoHttpClient.h>

HardwareSerial SerialAT(1);      //gsm
HardwareSerial SerialTeensy(2);  //teensy

#define SerialMon Serial
#define TINY_GSM_DEBUG SerialMon
#define TINY_GSM_USE_GPRS true

#define DUMP_AT_COMMANDS
#ifdef DUMP_AT_COMMANDS
#include <StreamDebugger.h>
StreamDebugger debugger(SerialAT, SerialMon);
TinyGsm        modem(debugger);
#else
TinyGsm        modem(SerialAT);
#endif
//TinyGsm modem(SerialAT);
TinyGsmClient gsm_transpor_layer(modem, 0);
SSLClient secure_presentation_layer(&gsm_transpor_layer);
HttpClient client = HttpClient(secure_presentation_layer, server, 443);

unsigned long prevFinished = 0;

void setup() {
#ifdef TINY_GSM_DEBUG
  SerialMon.begin(115200);
  delay(10);
#endif

  logTextLine("Wait...");

  SerialAT.begin(115200, SERIAL_8N1, GSM_RX, GSM_TX);
  while (!SerialAT)
    ;

  SerialTeensy.begin(115200, SERIAL_8N1, TEENSY_RX, TEENSY_TX);
  while (!SerialTeensy)
    ;

  setupModem();
  secure_presentation_layer.setCACert(ca);
  secure_presentation_layer.setCertificate(client_crt);
  secure_presentation_layer.setPrivateKey(client_key);
}

bool sending = false;
String dataToSend = "";

void loop() {
  String text = ">32;92;0272;022c;025e;0259;21ff;0228a0;d8;00";
  if (!sending && text.startsWith(">") && text.length() > 2 && (millis() - prevFinished > 15000)) {
    logText("Received >>");
    logText(text);
    logTextLine("<<");
    if (!modem.init()) {
      logTextLine(" fail... restarting modem...");
      setupModem();
      // Restart takes quite some time
      // Use modem.init() if you don't need the complete restart
      if (!modem.restart()) {
        logTextLine(" fail... even after restart");
        return;
      }
    }
    logTextLine(" Modem initialized");

    sending = true;
    dataToSend = text.substring(1);
    logText("Sending: ");
    logTextLine(dataToSend);

    if (send()) {
      logTextLine("Successfully send data");
    } else {
      logTextLine("Sending data failed");
    }
    sending = false;
    dataToSend = "";
    prevFinished = millis();
  }
}
bool send() {
  if (!waitForNetwork() || !connectToNetwork() || !setupGprs()) {
    return false;
  }

  logTextLine("Performing HTTPS POST request... ");
  client.post(resource, "application/json", "{\"data\":\"" + dataToSend + "\"}");

  int status_code = client.responseStatusCode();

  logText("Status code: ");
  logTextLine(status_code);

  if (status_code <= 0) {
    setupModem();
    return false;    
  }

  client.stop();
  modem.gprsDisconnect();
  modem.poweroff();
  logTextLine("Server disconnected");

  return status_code == 200;
}

void turnModemOn() {
  pinMode(MODEM_PWRKEY, OUTPUT);
  digitalWrite(MODEM_PWRKEY, LOW);
  delay(1000);  //Datasheet Ton mintues = 1S
  digitalWrite(MODEM_PWRKEY, HIGH);
}

void turnModemOff() {
  digitalWrite(MODEM_PWRKEY, LOW);
  delay(1500);  //Datasheet Ton mintues = 1.2S
  digitalWrite(MODEM_PWRKEY, HIGH);
}

void setupModem() {
  logTextLine("Restarting modem");
  turnModemOff();
  delay(1000);
  turnModemOn();
  delay(5000);

  logTextLine("Initializing modem...");
  modem.restart();
  modem.setNetworkMode(2);  //automatic

  String modemInfo = modem.getModemInfo();
  logText("Modem Info: ");
  logTextLine(modemInfo);

  logText("Signal strength: ");
  logTextLine(modem.getSignalQuality());
}

bool waitForNetwork() {
  logText("Waiting for network...");
  if (!modem.waitForNetwork()) {
    logTextLine(" fail");
    return false;
  }
  logTextLine(" success");
  return true;
}

bool connectToNetwork() {
  if (modem.isNetworkConnected()) {
    logTextLine("Network connected");
    return true;
  } else {
    return false;
  }
}

bool setupGprs() {
  // GPRS connection parameters are usually set after network registration
  logText("Connecting to ");
  logText(apn);
  if (!modem.gprsConnect(apn, gprsUser, gprsPass)) {
    logTextLine(" fail");
    return false;
  }
  logTextLine(" success");

  if (modem.isGprsConnected()) {
    logTextLine("GPRS connected");
    return true;
  }
  return false;
}

void logTextLine(String line) {
#ifdef TINY_GSM_DEBUG
  SerialMon.println(line);
#endif
}

void logTextLine(int line) {
#ifdef TINY_GSM_DEBUG
  SerialMon.println(line);
#endif 
}

void logText(String line) {
#ifdef TINY_GSM_DEBUG
  SerialMon.print(line);
#endif
}

void logText(int line) {
#ifdef TINY_GSM_DEBUG
  SerialMon.print(line);
#endif
}

Expected result

HTTPS POST should be successfull. Almost exactly the same code works perfectly on SIM800L - i just need to replace #define TINY_GSM_MODEM_SIM7000 with TINY_GSM_MODEM_SIM800 and remove setNetworkMode and it works like i charm.

Actual result

Sometimes (let's say 1 of 10 requests) it works. Usually it doesn't work. The error usually is: [SSLClient.cpp:110] connect(): start_ssl_client: -1 or [SSLClient.cpp:110] connect(): start_ssl_client: -2

But i am 100% sure it is nor SSLClient library issue.

Debug and AT command log

Received >>>32;92;0272;022c;025e;0259;21ff;0228a0;d8;00<<
AT

+CFUN: 1

+CPIN: READY

SMS Ready
AT
AT

OK
ATE0
AT

OK
AT+CMEE=0
ATE0

OK
AT+CLTS=1

OK
AT+CBATCHK=1

OK
AT+CPIN?

OK

+CPIN: READY

OK
AT

OK
ATE0

OK
AT+CMEE=0

OK
AT+CLTS=1

OK
AT+CBATCHK=1

OK
AT+CPIN?

+CPIN: READY

OK
 Modem initialized
Sending: 32;92;0272;022c;025e;0259;21ff;0228a0;d8;00
Waiting for network...AT+CEREG?

+CEREG: 0,4

OK
AT+CGREG?

+CGREG: 0,2
.... (17 times that combination of 0,4 and 0,2)

OK
AT+CEREG?

+CEREG: 0,4

OK
AT+CGREG?

+CGREG: 0,1

OK
 success
AT+CEREG?

+CEREG: 0,4

OK
AT+CGREG?

+CGREG: 0,1

OK
Network connected
Connecting to darmowyAT+CIPSHUT

DST: 0

*PSUTTZ: 23/03/12,22:09:23","+04",0

SHUT OK
AT+CGATT=0

DST: 0

*PSUTTZ: 23/03/12,22:09:23","+04",0

OK
AT+SAPBR=3,1,"Contype","GPRS"

OK
AT+SAPBR=3,1,"APN","darmowy"

OK
AT+CGDCONT=1,"IP","darmowy"

OK
AT+CGATT=1

OK
AT+CGACT=1,1

DST: 0

*PSUTTZ: 23/03/12,22:09:25","+04",0

OK
AT+SAPBR=1,1

OK
AT+SAPBR=2,1

+SAPBR: 1,1,"100.82.248.253"

OK
AT+CIPMUX=1

OK
AT+CIPQSEND=1

OK
AT+CIPRXGET=1

OK
AT+CSTT="darmowy","",""

100.82.248.253

OK
 success
AT+CGATT?

+CGATT: 1

OK
AT+CIFSR;E0

100.82.248.253

OK
GPRS connected
Performing HTTPS POST request... 
[103647][D][SSLClient.cpp:103] connect(): Connecting to xxx.com (deleted address on purpose)
[103647][V][ssl_client.cpp:156] start_ssl_client(): Free internal heap before TLS 326684
[103655][D][ssl_client.cpp:158] start_ssl_client(): Connecting to xxx.com
AT+CIPCLOSE=0

ERROR
AT+CIPSTART=0,"TCP","xxx.com",443

OK

, CONNECT OK
[108274][V][ssl_client.cpp:172] start_ssl_client(): Seeding the random number generator
[108275][V][ssl_client.cpp:181] start_ssl_client(): Setting up the SSL/TLS structure...
[108278][V][ssl_client.cpp:194] start_ssl_client(): Loading CA cert
[108288][V][ssl_client.cpp:242] start_ssl_client(): Loading CRT cert
[108294][V][ssl_client.cpp:249] start_ssl_client(): Loading private key
[108301][V][ssl_client.cpp:259] start_ssl_client(): Setting hostname for TLS session...
[108305][V][ssl_client.cpp:272] start_ssl_client(): Setting up IO callbacks...
[108311][V][ssl_client.cpp:276] start_ssl_client(): Performing the SSL/TLS handshake...
AT+CIPSEND=0,310

DATA ACCEPT:0,310
[108363][D][ssl_client.cpp:136] client_net_send(): SSL client TX res=310 len=310
AT+CIPRXGET=4,0

+CIPRXGET: 4,0,0

OK
AT+CIPSTATUS=0

+CIPSTATUS: 0,0,"TCP","SOMEIP (deleted on purpose)","443","CONNECTED"

OK

+CIPRXGET: 1,0
AT+CIPRXGET=4,0

+CIPRXGET: 4,0,1348

OK
AT+CIPRXGET=2,0,1023

+CIPRXGET: 2,0,1023,325

OK
[108943][D][ssl_client.cpp:98] client_net_recv_timeout(): SSL client RX (received=5 expected=5 in 120ms)
[108948][D][ssl_client.cpp:98] client_net_recv_timeout(): SSL client RX (received=67 expected=67 in 0ms)
[108957][D][ssl_client.cpp:98] client_net_recv_timeout(): SSL client RX (received=5 expected=5 in 0ms)
AT+CIPRXGET=4,0

+CIPRXGET: 4,0,1673

OK
AT+CIPRXGET=2,0,1023

+CIPRXGET: 2,0,1023,650
OK
AT+CIPRXGET=2,0,650

+CIPRXGET: 2,0,650,210
OK
[109147][D][ssl_client.cpp:98] client_net_recv_timeout(): SSL client RX (received=2321 expected=2321 in 181ms)
[109588][D][ssl_client.cpp:98] client_net_recv_timeout(): SSL client RX (received=5 expected=5 in 0ms)
[109588][D][ssl_client.cpp:98] client_net_recv_timeout(): SSL client RX (received=115 expected=115 in 0ms)
[110028][D][ssl_client.cpp:98] client_net_recv_timeout(): SSL client RX (received=5 expected=5 in 0ms)
AT+CIPRXGET=4,0

+CIPRXGET: 4,0,210

OK
AT+CIPRXGET=2,0,210

+CIPRXGET: 2,0,210,0
OK
[110064][D][ssl_client.cpp:98] client_net_recv_timeout(): SSL client RX (received=374 expected=374 in 35ms)
[110068][D][ssl_client.cpp:98] client_net_recv_timeout(): SSL client RX (received=5 expected=5 in 0ms)
[110077][D][ssl_client.cpp:98] client_net_recv_timeout(): SSL client RX (received=4 expected=4 in 0ms)
AT+CIPSEND=0,1064

DATA ACCEPT:0,1064
[110197][D][ssl_client.cpp:136] client_net_send(): SSL client TX res=1064 len=1064
AT+CIPSEND=0,42

DATA ACCEPT:0,42
[110645][D][ssl_client.cpp:136] client_net_send(): SSL client TX res=42 len=42

AT+CIPSEND=0,269
[111157][D][ssl_client.cpp:136] client_net_send(): SSL client TX res=269 len=269
DATA ACCEPT:0,269

AT+CIPSEND=0,6
DATA ACCEPT:0,6
[111165][D][ssl_client.cpp:136] client_net_send(): SSL client TX res=6 len=6
AT+CIPSEND=0,45

DATA ACCEPT:0,45
[111177][D][ssl_client.cpp:136] client_net_send(): SSL client TX res=45 len=45
AT+CIPRXGET=4,0

+CIPRXGET: 4,0,0

OK
AT+CIPSTATUS=0

+CIPSTATUS: 0,0,"TCP","SOME.IP.ADDRESS","443","CONNECTED"

OK
AT+CIPRXGET=4,0

+CIPRXGET: 4,0,0

OK
AT+CIPSTATUS=0

+CIPSTATUS: 0,0,"TCP","SOME.IP.ADDRESS","443","CONNECTED"

OK
AT+CIPRXGET=4,0

+CIPRXGET: 4,0,0

OK
AT+CIPSTATUS=0

+CIPSTATUS: 0,0,"TCP","SOME.IP.ADDRESS","443","CONNECTED"

OK
AT+CIPRXGET=4,0

+CIPRXGET: 4,0,0

OK
AT+CIPSTATUS=0

+CIPSTATUS: 0,0,"TCP","SOME.IP.ADDRESS","443","CONNECTED"

OK
AT+CIPRXGET=4,0

+CIPRXGET: 4,0,0

OK
AT+CIPSTATUS=0

+CIPSTATUS: 0,0,"TCP","SOME.IP.ADDRESS","443","CONNECTED"

OK
AT+CIPRXGET=4,0

+CIPRXGET: 4,0,0

OK
AT+CIPSTATUS=0

+CIPSTATUS: 0,0,"TCP","SOME.IP.ADDRESS","443","CONNECTED"

OK
AT+CIPRXGET=4,0

+CIPRXGET: 4,0,0

OK
AT+CIPSTATUS=0

+CIPSTATUS: 0,0,"TCP","SOME.IP.ADDRESS","443","CONNECTED"

OKAT+CIPRXGET=4,0

+CIPRXGET: 4,0,0

OK
AT+CIPSTATUS=0

+CIPSTATUS: 0,0,"TCP","SOME.IP.ADDRESS","443","CONNECTED"

OK
AT+CIPRXGET=4,0

+CIPRXGET: 4,0,0

OK
AT+CIPSTATUS=0

+CIPSTATUS: 0,0,"TCP","SOME.IP.ADDRESS","443","CONNECTED"

OK
AT+CIPRXGET=4,0

+CIPRXGET: 4,0,0

OK

(many times connected and then...)
AT+CIPSTATUS=0

+CIPSTATUS: 0,0,"TCP","SOME.IP.ADDRESS","443","REMOTE CLOSING"

OK
AT+CIPRXGET=4,0

+CIPRXGET: 4,0,0

OK
AT+CIPSTATUS=0

+CIPSTATUS: 0,0,"TCP","SOME.IP.ADDRESS","443","REMOTE CLOSING"

OK
AT+CIPRXGET=4,0

+CIPRXGET: 4,0,0

OK
AT+CIPSTATUS=0

(many times remote closing)

AT+CIPSTATUS=0

+CIPSTATUS: 0,0,"TCP","SOME.IP.ADDRESS","443","CLOSED"

OK
AT+CIPRXGET=4,0

+CIPRXGET: 4,0,0

OK
AT+CIPSTATUS=0

+CIPSTATUS: 0,0,"TCP","SOME.IP.ADDRESS","443","CLOSED"

OK

(many times CLOSED)

AT+CIPSTATUS=0

+CIPSTATUS: 0,0,"TCP","SOME.IP.ADDRESS","443","CLOSED"

OK
[228327][E][SSLClient.cpp:110] connect(): start_ssl_client: -1
[228327][V][ssl_client.cpp:330] stop_ssl_socket(): Cleaning SSL connection.
AT+CIPCLOSE=0

ERROR
Status code: -2
Restarting modem

[bastienboudet]

For SSL support on sim7000E you should use TINY_GSM_MODEM_SIM7000SSL instead of TINY_GSM_MODEM_SIM7000. There is an implementation in the exemple section

[cezarg1410]

I've tried TINY_GSM_MODEM_SIM7000SSL too without success - actually very similar errors occured. Anyway i throw into the trash SIM7000E and replaced it with SIM7600G. And now it works as it should - without any issues