How to generate the HTTPS certificates for a site with basic authentication? | Telit Cinterion IoT Developer Community
July 20, 2015 - 1:27pm
I am trying to connect to a REST service on an HTTPS server. I do have the certification chain in PEM, but I am still not able to make a successful connection.
Here is how I proceeded:
I added the certificates, the jad and the jar to flash:
Then I went on to the AT commands:
at^sjmsec?
^SJMSEC: 1,0,1,0
OK
Everything is disabled, so far so good. Enable HTTPS unsecured mode and add the certificates:
at^sjmsec="cmd",0B00310001000500020001
OK
at^sjmsec="file",AddHttpsCertificate.bin
OK
at^sjmsec="file",AddHttpsClientCertificateUntrusted.bin
OK
at^sjmsec?
^SJMSEC: 1,1,1,1
OK
Now HTTPS is on for untrusted mode and the certificates are added.
But after starting the midlet I still get that error and have no idea where exactly the problem is (I guess it's the certificate).
System out:
Open page: https://... .com/...
Connection state: UP
-213 SSL-Error: revcd alert fatal error IOE is trown
java.io.IOException: -213 SSL-Error: revcd alert fatal error
- com.sun.midp.ssl.SSLStreamConnection.GenerateException(), bci=82
- com.sun.midp.ssl.SSLStreamConnection.<init>(), bci=264
- com.sun.midp.io.j2me.https.Protocol.connect(), bci=198
- com.sun.midp.io.j2me.http.Protocol.streamConnect(), bci=108
- com.sun.midp.io.j2me.http.Protocol.startRequest(), bci=7
- com.sun.midp.io.j2me.http.Protocol.sendRequest(), bci=33
- com.sun.midp.io.j2me.http.Protocol.sendRequest(), bci=3
- com.sun.midp.io.j2me.http.Protocol.openInputStream(), bci=6
- com.sun.midp.io.ConnectionBaseAdapter.openDataInputStream(), bci=5
- com.fastprk.FastPrk.getViaHttpsConnection(FastPrk.java:374)
- com.fastprk.FastPrk.startApp(FastPrk.java:330)
- javax.microedition.midlet.MIDletTunnelImpl.callStartApp(), bci=1
- com.sun.midp.midlet.MIDletPeer.startApp(), bci=5
- com.sun.midp.midlet.MIDletStateHandler.startSuite(), bci=261
- com.sun.midp.main.AbstractMIDletSuiteLoader.startSuite(), bci=38
- com.sun.midp.main.CldcMIDletSuiteLoader.startSuite(), bci=5
- com.sun.midp.main.AbstractMIDletSuiteLoader.runMIDletSuite(), bci=134
- com.sun.midp.main.AppIsolateMIDletSuiteLoader.main(), bci=26
Is there a straight way to generate the right certificates?
E.g. starting with downloading it from the browser:
Maybe a basic example with e.g. facebook.com would be interesting.
BTW that is the code:
protected void startApp() {
    System.out.println("startApp begin");
    initGsm();
    ...
    System.out.println("Open page: " + httpsUrl);
    try {
        getViaHttpsConnection(httpsUrl);
        if (!followUrl.equalsIgnoreCase(""))
            getViaHttpsConnection(followUrl);
    } catch (CertificateException ce) {
        System.out.println(ce.getMessage() + " CE is trown");
        ce.printStackTrace();
    } catch (IOException ioe) {
        System.out.println(ioe.getMessage() + " IOE is trown");
        ioe.printStackTrace();
    }
}

void getViaHttpsConnection(String url) throws CertificateException, IOException {
    HttpsConnection c = null;
    InputStream is = null;
    try {
        c = (HttpsConnection) Connector.open(url);
        c.setRequestProperty("Accept", "application/json");
        // HTTP basic authentication: base64 of "user:password"
        c.setRequestProperty("Authorization", "Basic " + nameAndPwdBase64);
        // The request is sent here; the SSL error in the trace above is raised from this call
        is = c.openDataInputStream();
        if (c.getResponseCode() == HttpConnection.HTTP_OK) {
            // Get the length and process the data
            int len = (int) c.getLength();
            if (len > 0) {
                byte[] data = new byte[len];
                // Note: read() may return fewer than len bytes
                is.read(data);
            } else {
                System.out.println("Data: ");
                int ch;
                ..
            }
            System.out.println("Message: " + c.getResponseMessage() + " Type: " + c.getType());
        } else {
            System.out.println("Error code: " + c.getResponseCode() + " Message: " + c.getResponseMessage() + " Type: " + c.getType());
        }
    } finally {
        // Always release the stream and the connection
        if (is != null) {
            is.close();
        }
        if (c != null) {
            c.close();
        }
    }
}
Hi Thanh (vutu0001),
About your problem trying to connect to AWS IoT: I have the same issue. I am trying to connect a Gemalto Terminal to the AWS broker using certificates, and the output after executing my Java Application MIDlet is as follows:
This is with firmware 31:
ati1
Cinterion
EHS6
REVISION 03.001
A-REVISION 00.000.31
Connecting to MQTT brocker...
Connecting to: ssl://*******.iot.eu-west-1.amazonaws.com:8883
SSLMicroNetworkModule-start-->printStackTrace =
java.io.IOException: Algorithm Id parsing failed
- com.sun.midp.io.j2me.ssl.Protocol.openPrim(), bci=363
- javax.microedition.io.Connector.open(), bci=47
This is with firmware 14:
ati1
Cinterion
EHS6
REVISION 03.001
A-REVISION 00.000.14
Connecting to MQTT brocker...
Connecting to: ssl://*******.iot.eu-west-1.amazonaws.com:8883
SSLMicroNetworkModule-start-->printStackTrace =
java.io.IOException: Algorithm Id parsing failed
- com.sun.midp.pki.X509Certificate.getAlg(), bci=130
- com.sun.midp.pki.X509Certificate.generateCertificate(), bci=348
- com.sun.midp.ssl.SSLStreamConnection.<init>(), bci=330
- com.sun.midp.io.j2me.ssl.Protocol.openPrim(), bci=267
- javax.microedition.io.Connector.open(), bci=47
So, my question is whether you finally managed to resolve the problem connecting to AWS. If so, could you tell me how you did it?
I would very much appreciate any advice!
Thanks in advance,
Fer.
Hello,
This is already discussed here:
https://iot-developer.thalesgroup.com/comment/2948#comment-2948
Let's discuss this problem in one place.
Regards,
Bartłomiej