EHS6 could not work with SSL | Telit Cinterion IoT Developer Community
September 14, 2015 - 10:17am, 17856 views
Hello
Today i was playing with SSL on EHS6 and i have received below this error.
javax.microedition.pki.CertificateException: Certificate failed verification
- com.sun.midp.ssl.SSLStreamConnection.GenerateException(), bci=47
- com.sun.midp.ssl.SSLStreamConnection.<init>(), bci=264
- com.sun.midp.io.j2me.https.Protocol.connect(), bci=198
- com.sun.midp.io.j2me.http.Protocol.streamConnect(), bci=108
- com.sun.midp.io.j2me.http.Protocol.startRequest(), bci=7
- com.sun.midp.io.j2me.http.Protocol.sendRequest(), bci=33
- com.sun.midp.io.j2me.http.Protocol.sendRequest(), bci=3
- com.sun.midp.io.j2me.https.Protocol.getSecurityInfo(), bci=5
- posthtml.PostHtml.startApp(PostHtml.java:135)
The first i downloaded ssl info form www.google.com page with format .der
after that i have used a tool to generate certificate code.
1 >java -jar jseccmd.jar -cmd AddHttpsCertificateUntrusted -filename d:\-.google.der > AddHttpsCertificateUntrusted.bin
2 > On Ehs6 i changed on http mode to https mode by below command and install cerficate
at^sjmsec="cmd",0B00310001000500020001
at^sjmsec="file",AddHttpsCertificateUntrusted.bin
3> Check again i want to sure it have installed
at^sjmsec?
^SJMSEC: 1,1,1,0
4>This is my code:
connProfile="bearer_type=gprs;access_point=****;"
HttpsConnection http = (HttpsConnection) Connector.open( "https://www.google.com:443;" + connProfile);
if (http != null && http.getResponseCode() == HttpsConnection.HTTP_OK) {
//do something
}
Version working on EHS6:
ATI1
Cinterion
EHS6
REVISION 03.001
A-REVISION 00.000.14
Somebody can help me?
Thanks so much and best regards
Hello,
This exception usually mens that the verification of the certificate received from the server in TLS handshake has failed. It means that on the module the certificate verification is active. So it is possible that the certificate on the module is wrong or the server has sent the different certificate than expected. On the module you should have the root certificate that was used to sign the server certificate.
Have you seen this article about AWS: https://iot-developer.thalesgroup.com/showcase/concept-board-connection-... Did you do the same?
It would be better to create the new thread for this topic and especially not to write in the middle.
Regards,
Bartłomiej