Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

X509 - The CRT/CRL/CSR format is invalid, e.g. different type expected #78

Closed
mfakbar127 opened this issue Jan 25, 2022 · 2 comments
Closed

X509 - The CRT/CRL/CSR format is invalid, e.g. different type expected #78

mfakbar127 opened this issue Jan 25, 2022 · 2 comments

Comments

@mfakbar127
Copy link

mfakbar127 commented Jan 25, 2022
edited
Loading

i got an error when i want to use HTTPS with root_ca.pem

Here is the log

[V][HTTPClient.cpp:245] beginInternal(): url: https://192.168.18.192/x
[D][HTTPClient.cpp:293] beginInternal(): protocol: https, host: 192.168.18.192 port: 443 url: /x
[D][HTTPClient.cpp:579] sendRequest(): request type: 'GET' redirCount: 0

[V][ssl_client.cpp:59] start_ssl_client(): Free internal heap before TLS 267404
[V][ssl_client.cpp:65] start_ssl_client(): Starting socket
[V][ssl_client.cpp:104] start_ssl_client(): Seeding the random number generator
[V][ssl_client.cpp:113] start_ssl_client(): Setting up the SSL/TLS structure...
[V][ssl_client.cpp:129] start_ssl_client(): Loading CA cert
[E][ssl_client.cpp:36] _handle_error(): [start_ssl_client():138]: (-8576) X509 - The CRT/CRL/CSR format is invalid, e.g. different type expected
[E][WiFiClientSecure.cpp:133] connect(): start_ssl_client: -8576
[V][ssl_client.cpp:265] stop_ssl_socket(): Cleaning SSL connection.
[D][HTTPClient.cpp:1118] connect(): failed connect to 192.168.18.192:443
[W][HTTPClient.cpp:1417] returnError(): error(-1): connection refused
[E][esp32fota.cpp:444] execHTTPcheck(): Error on HTTP request
[D][HTTPClient.cpp:400] disconnect(): tcp is closed

[V][ssl_client.cpp:265] stop_ssl_socket(): Cleaning SSL connection.
[V][ssl_client.cpp:265] stop_ssl_socket(): Cleaning SSL connection.
[V][ssl_client.cpp:265] stop_ssl_socket(): Cleaning SSL connection.

How my root_ca.pem looks like

-----BEGIN CERTIFICATE-----
MIICNzCCAd2gAwIBAgIUDanrxeh8iZsiFFdKoakZxWCZzmcwCgYIKoZIzj0EAwIw
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
MvaV54fWuY4CIQCXAscqWiIcjOU6nL7gFH/rp01HR20J5ciAOe7R5IYS+A==
-----END CERTIFICATE-----
@daverathbone
Copy link

I also had this error, no matter what cert used.. Fix was not using a SSL cert on ESP32 end but embedding user and password in Get header. Don't forget your encrypted anyway with HTTPS get. Then setting your server to only except file transfer on getting the embedded header values . It also stops your ESP32 having an out of date SSL cert and never updating via OTA.

@chrisjoyce911
Copy link
Owner

You might like to test an upcoming patch #79

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@chrisjoyce911 @daverathbone @mfakbar127