├── .gitattributes ├── CertToESP32.py ├── CertToESP8266.py ├── ESP32 └── WiFiClientSecureHowsMySSL │ └── WiFiClientSecureHowsMySSL.ino ├── ESP8266 ├── HTTPSRequest │ └── HTTPSRequest.ino ├── HTTPSRequestCACert │ ├── CACert.ino │ └── HTTPSRequestCACert.ino ├── HTTPSRequestCACertmySSL │ ├── CACert.ino │ └── HTTPSRequestCACertmySSL.ino └── HTTPSRequestHowMySSL │ └── HTTPSRequestHowMySSL.ino ├── LICENSE ├── README.md └── credentials.h /.gitattributes: -------------------------------------------------------------------------------- 1 | # Auto detect text files and perform LF normalization 2 | * text=auto 3 | -------------------------------------------------------------------------------- /CertToESP32.py: -------------------------------------------------------------------------------- 1 | #MIT License(MIT) 2 | 3 | # CertToHex.py Version 1.0.0 # 4 | 5 | # Copyright(c) 2018 Mike Simpson # 6 | 7 | #Permission is hereby granted, free of charge, to any person obtaining a copy 8 | #of this software and associated documentation files (the "Software"), to deal 9 | #in the Software without restriction, including without limitation the rights 10 | #to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 11 | #copies of the Software, and to permit persons to whom the Software is 12 | #furnished to do so, subject to the following conditions: 13 | 14 | #The above copyright notice and this permission notice shall be included in all 15 | #copies or substantial portions of the Software. 16 | 17 | #THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 18 | #IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 19 | #FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 20 | #AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 21 | #LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 22 | #OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 23 | #SOFTWARE. 24 | 25 | import binascii 26 | filename = 'howsmysslBase64.cer' 27 | with open(filename, 'rb') as f: 28 | content = f.read() 29 | 30 | print('// '+filename) 31 | print('const char* test_root_ca = \ ') 32 | outString = '"' 33 | caCertLen = 0 34 | 35 | 36 | x = len(content) 37 | 38 | for i in range(0, x-1): 39 | first = (chr(content[i])) 40 | # print(first,content[i]) 41 | if content[i]==13: 42 | outString = outString + '\\n" \ ' 43 | outString = outString+first 44 | if content[i]==10: 45 | outString = outString + '"' 46 | 47 | outString = outString[:-2] #remove last comma and space 48 | 49 | print(outString[:-1]+';') 50 | -------------------------------------------------------------------------------- /CertToESP8266.py: -------------------------------------------------------------------------------- 1 | #MIT License(MIT) 2 | 3 | # CertToHex.py Version 1.0.0 # 4 | 5 | # Copyright(c) 2018 Mike Simpson # 6 | 7 | #Permission is hereby granted, free of charge, to any person obtaining a copy 8 | #of this software and associated documentation files (the "Software"), to deal 9 | #in the Software without restriction, including without limitation the rights 10 | #to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 11 | #copies of the Software, and to permit persons to whom the Software is 12 | #furnished to do so, subject to the following conditions: 13 | 14 | #The above copyright notice and this permission notice shall be included in all 15 | #copies or substantial portions of the Software. 16 | 17 | #THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 18 | #IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 19 | #FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 20 | #AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 21 | #LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 22 | #OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 23 | #SOFTWARE. 24 | 25 | import binascii 26 | filename = 'howMyssl.cer' 27 | with open(filename, 'rb') as f: 28 | content = f.read() 29 | 30 | hexData = binascii.hexlify(content) 31 | hexList = list(''.join(hexData)) 32 | print('// '+filename) 33 | print('const unsigned char caCert[] PROGMEM = {\n') 34 | outString = '' 35 | caCertLen = 0 36 | 37 | 38 | x = len(hexList) 39 | for i in range(0, (x-1), 2): 40 | first = hexList[i] 41 | second = hexList[i+1] 42 | outString = outString+ '0x' + first + second + ', ' 43 | caCertLen = caCertLen + 1 44 | if i%24 > 20 : 45 | outString = outString + '\n' 46 | 47 | outString = outString[:-2] #remove last comma and space 48 | 49 | print(outString+'};\n') 50 | print('const unsigned int caCertLen = ' + str(caCertLen) + ';') 51 | -------------------------------------------------------------------------------- /ESP32/WiFiClientSecureHowsMySSL/WiFiClientSecureHowsMySSL.ino: -------------------------------------------------------------------------------- 1 | /* 2 | Wifi secure connection example for ESP32 3 | Running on TLS 1.2 using mbedTLS 4 | Suporting the following chipersuites: 5 | "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","TLS_DHE_RSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_ECDSA_WITH_AES_256_CCM","TLS_DHE_RSA_WITH_AES_256_CCM","TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384","TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384","TLS_DHE_RSA_WITH_AES_256_CBC_SHA256","TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA","TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","TLS_DHE_RSA_WITH_AES_256_CBC_SHA","TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8","TLS_DHE_RSA_WITH_AES_256_CCM_8","TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384","TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384","TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384","TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384","TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384","TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256","TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA","TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","TLS_DHE_RSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_ECDSA_WITH_AES_128_CCM","TLS_DHE_RSA_WITH_AES_128_CCM","TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256","TLS_DHE_RSA_WITH_AES_128_CBC_SHA256","TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA","TLS_DHE_RSA_WITH_AES_128_CBC_SHA","TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8","TLS_DHE_RSA_WITH_AES_128_CCM_8","TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256","TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256","TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256","TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256","TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256","TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA","TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA","TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA","TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA","TLS_DHE_PSK_WITH_AES_256_GCM_SHA384","TLS_DHE_PSK_WITH_AES_256_CCM","TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384","TLS_DHE_PSK_WITH_AES_256_CBC_SHA384","TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA","TLS_DHE_PSK_WITH_AES_256_CBC_SHA","TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384","TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384","TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384","TLS_PSK_DHE_WITH_AES_256_CCM_8","TLS_DHE_PSK_WITH_AES_128_GCM_SHA256","TLS_DHE_PSK_WITH_AES_128_CCM","TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256","TLS_DHE_PSK_WITH_AES_128_CBC_SHA256","TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA","TLS_DHE_PSK_WITH_AES_128_CBC_SHA","TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256","TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256","TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256","TLS_PSK_DHE_WITH_AES_128_CCM_8","TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA","TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA","TLS_RSA_WITH_AES_256_GCM_SHA384","TLS_RSA_WITH_AES_256_CCM","TLS_RSA_WITH_AES_256_CBC_SHA256","TLS_RSA_WITH_AES_256_CBC_SHA","TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384","TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384","TLS_ECDH_RSA_WITH_AES_256_CBC_SHA","TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384","TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384","TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA","TLS_RSA_WITH_AES_256_CCM_8","TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384","TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256","TLS_RSA_WITH_CAMELLIA_256_CBC_SHA","TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384","TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384","TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384","TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384","TLS_RSA_WITH_AES_128_GCM_SHA256","TLS_RSA_WITH_AES_128_CCM","TLS_RSA_WITH_AES_128_CBC_SHA256","TLS_RSA_WITH_AES_128_CBC_SHA","TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256","TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256","TLS_ECDH_RSA_WITH_AES_128_CBC_SHA","TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256","TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256","TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA","TLS_RSA_WITH_AES_128_CCM_8","TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256","TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256","TLS_RSA_WITH_CAMELLIA_128_CBC_SHA","TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256","TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256","TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256","TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256","TLS_RSA_WITH_3DES_EDE_CBC_SHA","TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA","TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA","TLS_RSA_PSK_WITH_AES_256_GCM_SHA384","TLS_RSA_PSK_WITH_AES_256_CBC_SHA384","TLS_RSA_PSK_WITH_AES_256_CBC_SHA","TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384","TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384","TLS_RSA_PSK_WITH_AES_128_GCM_SHA256","TLS_RSA_PSK_WITH_AES_128_CBC_SHA256","TLS_RSA_PSK_WITH_AES_128_CBC_SHA","TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256","TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256","TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA","TLS_PSK_WITH_AES_256_GCM_SHA384","TLS_PSK_WITH_AES_256_CCM","TLS_PSK_WITH_AES_256_CBC_SHA384","TLS_PSK_WITH_AES_256_CBC_SHA","TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384","TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384","TLS_PSK_WITH_AES_256_CCM_8","TLS_PSK_WITH_AES_128_GCM_SHA256","TLS_PSK_WITH_AES_128_CCM","TLS_PSK_WITH_AES_128_CBC_SHA256","TLS_PSK_WITH_AES_128_CBC_SHA","TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256","TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256","TLS_PSK_WITH_AES_128_CCM_8","TLS_PSK_WITH_3DES_EDE_CBC_SHA","TLS_EMPTY_RENEGOTIATION_INFO_SCSV"] 6 | 2017 - Evandro Copercini - Apache 2.0 License. 7 | */ 8 | 9 | #include 10 | #include 11 | 12 | const char* ssid = mySSID; 13 | const char* password = myPASSWORD; 14 | 15 | const char* server = "howsmyssl.com"; // Server URL 16 | 17 | // www.howsmyssl.com root certificate authority, to verify the server 18 | // change it to your server root CA 19 | // SHA1 fingerprint is broken now! 20 | 21 | // howsmysslBase64.cer 22 | const char* root_ca = \ 23 | "-----BEGIN CERTIFICATE-----\n" \ 24 | "MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/\n" \ 25 | "MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT\n" \ 26 | "DkRTVCBSb290IENBIFgzMB4XDTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVow\n" \ 27 | "PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD\n" \ 28 | "Ew5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n" \ 29 | "AN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmTrE4O\n" \ 30 | "rz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEq\n" \ 31 | "OLl5CjH9UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9b\n" \ 32 | "xiqKqy69cK3FCxolkHRyxXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw\n" \ 33 | "7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40dutolucbY38EVAjqr2m7xPi71XAicPNaD\n" \ 34 | "aeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV\n" \ 35 | "HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQMA0GCSqG\n" \ 36 | "SIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69\n" \ 37 | "ikugdB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXr\n" \ 38 | "AvHRAosZy5Q6XkjEGB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZz\n" \ 39 | "R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5\n" \ 40 | "JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo\n" \ 41 | "Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ\n" \ 42 | "-----END CERTIFICATE-----\n" ; 43 | 44 | 45 | // You can use x.509 client certificates if you want 46 | //const char* test_client_key = ""; //to verify the client 47 | //const char* test_client_cert = ""; //to verify the client 48 | 49 | 50 | WiFiClientSecure client; 51 | 52 | void setup() { 53 | //Initialize serial and wait for port to open: 54 | Serial.begin(115200); 55 | delay(100); 56 | 57 | Serial.print("Attempting to connect to SSID: "); 58 | Serial.println(ssid); 59 | WiFi.begin(ssid, password); 60 | 61 | // attempt to connect to Wifi network: 62 | while (WiFi.status() != WL_CONNECTED) { 63 | Serial.print("."); 64 | // wait 1 second for re-trying 65 | 66 | delay(1000); 67 | } 68 | 69 | Serial.print("Connected to "); 70 | Serial.println(ssid); 71 | 72 | client.setCACert(root_ca); 73 | //client.setCertificate(test_client_key); // for client verification 74 | //client.setPrivateKey(test_client_cert); // for client verification 75 | 76 | Serial.println("\nStarting connection to server..."); 77 | if (!client.connect(server, 443)) { 78 | Serial.println("Connection failed!"); 79 | } 80 | else { 81 | Serial.println("Connected to server!"); 82 | // Make a HTTP request: 83 | client.println("GET https://www.howsmyssl.com/a/check HTTP/1.0"); 84 | client.println("Host: www.howsmyssl.com"); 85 | client.println("Connection: close"); 86 | client.println(); 87 | 88 | while (client.connected()) { 89 | String line = client.readStringUntil('\n'); 90 | if (line == "\r") { 91 | Serial.println("headers received"); 92 | break; 93 | } 94 | } 95 | // if there are incoming bytes available 96 | // from the server, read them and print them: 97 | while (client.available()) { 98 | char c = client.read(); 99 | Serial.write(c); 100 | } 101 | 102 | client.stop(); 103 | } 104 | } 105 | 106 | void loop() { 107 | // do nothing 108 | } 109 | -------------------------------------------------------------------------------- /ESP8266/HTTPSRequest/HTTPSRequest.ino: -------------------------------------------------------------------------------- 1 | /* 2 | HTTP over TLS (HTTPS) example sketch 3 | 4 | This example demonstrates how to use 5 | WiFiClientSecure class to access HTTPS API. 6 | We fetch and display the status of 7 | esp8266/Arduino project continuous integration 8 | build. 9 | 10 | Limitations: 11 | only RSA certificates 12 | no support of Perfect Forward Secrecy (PFS) 13 | TLSv1.2 is supported since version 2.4.0-rc1 14 | 15 | Created by Ivan Grokhotkov, 2015. 16 | This example is in public domain. 17 | */ 18 | 19 | #include 20 | #include 21 | #include 22 | 23 | const char* ssid = mySSID; 24 | const char* password = myPASSWORD; 25 | 26 | const char* host = "api.github.com"; 27 | const int httpsPort = 443; 28 | 29 | // Use web browser to view and copy 30 | // SHA1 fingerprint of the certificate 31 | //const char* fingerprint = "35 85 74 EF 67 35 A7 CE 40 69 50 F3 C0 F6 80 CF 80 3B 2E 19"; 32 | //const char* fingerprint = "5f b7 ee 06 33 e2 59 db ad 0c 4c 9a e6 d3 8f 1a 61 c7 dc 25"; 33 | const char* fingerprint = "5f f1 60 31 09 04 3e f2 90 d2 b0 8a 50 38 04 e8 37 9f bc 76"; 34 | 35 | void setup() { 36 | Serial.begin(115200); 37 | Serial.println(); 38 | Serial.print("connecting to "); 39 | Serial.println(ssid); 40 | WiFi.mode(WIFI_STA); 41 | WiFi.begin(ssid, password); 42 | while (WiFi.status() != WL_CONNECTED) { 43 | delay(500); 44 | Serial.print("."); 45 | } 46 | Serial.println(""); 47 | Serial.println("WiFi connected"); 48 | Serial.println("IP address: "); 49 | Serial.println(WiFi.localIP()); 50 | 51 | // Use WiFiClientSecure class to create TLS connection 52 | WiFiClientSecure client; 53 | Serial.print("connecting to "); 54 | Serial.println(host); 55 | if (!client.connect(host, httpsPort)) { 56 | Serial.println("connection failed"); 57 | return; 58 | } 59 | 60 | if (client.verify(fingerprint, host)) { 61 | Serial.println("certificate matches"); 62 | } else { 63 | Serial.println("certificate doesn't match"); 64 | } 65 | 66 | String url = "/repos/esp8266/Arduino/commits/master/status"; 67 | Serial.print("requesting URL: "); 68 | Serial.println(url); 69 | 70 | client.print(String("GET ") + url + " HTTP/1.1\r\n" + 71 | "Host: " + host + "\r\n" + 72 | "User-Agent: BuildFailureDetectorESP8266\r\n" + 73 | "Connection: close\r\n\r\n"); 74 | 75 | Serial.println("request sent"); 76 | while (client.connected()) { 77 | String line = client.readStringUntil('\n'); 78 | if (line == "\r") { 79 | Serial.println("headers received"); 80 | break; 81 | } 82 | } 83 | String line = client.readStringUntil('\n'); 84 | if (line.startsWith("{\"state\":\"success\"")) { 85 | Serial.println("esp8266/Arduino CI successfull!"); 86 | } else { 87 | Serial.println("esp8266/Arduino CI has failed"); 88 | } 89 | Serial.println("reply was:"); 90 | Serial.println("=========="); 91 | Serial.println(line); 92 | Serial.println("=========="); 93 | Serial.println("closing connection"); 94 | } 95 | 96 | void loop() { 97 | } 98 | -------------------------------------------------------------------------------- /ESP8266/HTTPSRequestCACert/CACert.ino: -------------------------------------------------------------------------------- 1 | // howMyssl.cer 2 | const unsigned char caCert[] PROGMEM = { 3 | 4 | 0x30, 0x82, 0x03, 0x4a, 0x30, 0x82, 0x02, 0x32, 0xa0, 0x03, 0x02, 0x01, 5 | 0x02, 0x02, 0x10, 0x44, 0xaf, 0xb0, 0x80, 0xd6, 0xa3, 0x27, 0xba, 0x89, 6 | 0x30, 0x39, 0x86, 0x2e, 0xf8, 0x40, 0x6b, 0x30, 0x0d, 0x06, 0x09, 0x2a, 7 | 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x3f, 8 | 0x31, 0x24, 0x30, 0x22, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x1b, 0x44, 9 | 0x69, 0x67, 0x69, 0x74, 0x61, 0x6c, 0x20, 0x53, 0x69, 0x67, 0x6e, 0x61, 10 | 0x74, 0x75, 0x72, 0x65, 0x20, 0x54, 0x72, 0x75, 0x73, 0x74, 0x20, 0x43, 11 | 0x6f, 0x2e, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 12 | 0x0e, 0x44, 0x53, 0x54, 0x20, 0x52, 0x6f, 0x6f, 0x74, 0x20, 0x43, 0x41, 13 | 0x20, 0x58, 0x33, 0x30, 0x1e, 0x17, 0x0d, 0x30, 0x30, 0x30, 0x39, 0x33, 14 | 0x30, 0x32, 0x31, 0x31, 0x32, 0x31, 0x39, 0x5a, 0x17, 0x0d, 0x32, 0x31, 15 | 0x30, 0x39, 0x33, 0x30, 0x31, 0x34, 0x30, 0x31, 0x31, 0x35, 0x5a, 0x30, 16 | 0x3f, 0x31, 0x24, 0x30, 0x22, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x1b, 17 | 0x44, 0x69, 0x67, 0x69, 0x74, 0x61, 0x6c, 0x20, 0x53, 0x69, 0x67, 0x6e, 18 | 0x61, 0x74, 0x75, 0x72, 0x65, 0x20, 0x54, 0x72, 0x75, 0x73, 0x74, 0x20, 19 | 0x43, 0x6f, 0x2e, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x03, 20 | 0x13, 0x0e, 0x44, 0x53, 0x54, 0x20, 0x52, 0x6f, 0x6f, 0x74, 0x20, 0x43, 21 | 0x41, 0x20, 0x58, 0x33, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 22 | 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 23 | 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 24 | 0x00, 0xdf, 0xaf, 0xe9, 0x97, 0x50, 0x08, 0x83, 0x57, 0xb4, 0xcc, 0x62, 25 | 0x65, 0xf6, 0x90, 0x82, 0xec, 0xc7, 0xd3, 0x2c, 0x6b, 0x30, 0xca, 0x5b, 26 | 0xec, 0xd9, 0xc3, 0x7d, 0xc7, 0x40, 0xc1, 0x18, 0x14, 0x8b, 0xe0, 0xe8, 27 | 0x33, 0x76, 0x49, 0x2a, 0xe3, 0x3f, 0x21, 0x49, 0x93, 0xac, 0x4e, 0x0e, 28 | 0xaf, 0x3e, 0x48, 0xcb, 0x65, 0xee, 0xfc, 0xd3, 0x21, 0x0f, 0x65, 0xd2, 29 | 0x2a, 0xd9, 0x32, 0x8f, 0x8c, 0xe5, 0xf7, 0x77, 0xb0, 0x12, 0x7b, 0xb5, 30 | 0x95, 0xc0, 0x89, 0xa3, 0xa9, 0xba, 0xed, 0x73, 0x2e, 0x7a, 0x0c, 0x06, 31 | 0x32, 0x83, 0xa2, 0x7e, 0x8a, 0x14, 0x30, 0xcd, 0x11, 0xa0, 0xe1, 0x2a, 32 | 0x38, 0xb9, 0x79, 0x0a, 0x31, 0xfd, 0x50, 0xbd, 0x80, 0x65, 0xdf, 0xb7, 33 | 0x51, 0x63, 0x83, 0xc8, 0xe2, 0x88, 0x61, 0xea, 0x4b, 0x61, 0x81, 0xec, 34 | 0x52, 0x6b, 0xb9, 0xa2, 0xe2, 0x4b, 0x1a, 0x28, 0x9f, 0x48, 0xa3, 0x9e, 35 | 0x0c, 0xda, 0x09, 0x8e, 0x3e, 0x17, 0x2e, 0x1e, 0xdd, 0x20, 0xdf, 0x5b, 36 | 0xc6, 0x2a, 0x8a, 0xab, 0x2e, 0xbd, 0x70, 0xad, 0xc5, 0x0b, 0x1a, 0x25, 37 | 0x90, 0x74, 0x72, 0xc5, 0x7b, 0x6a, 0xab, 0x34, 0xd6, 0x30, 0x89, 0xff, 38 | 0xe5, 0x68, 0x13, 0x7b, 0x54, 0x0b, 0xc8, 0xd6, 0xae, 0xec, 0x5a, 0x9c, 39 | 0x92, 0x1e, 0x3d, 0x64, 0xb3, 0x8c, 0xc6, 0xdf, 0xbf, 0xc9, 0x41, 0x70, 40 | 0xec, 0x16, 0x72, 0xd5, 0x26, 0xec, 0x38, 0x55, 0x39, 0x43, 0xd0, 0xfc, 41 | 0xfd, 0x18, 0x5c, 0x40, 0xf1, 0x97, 0xeb, 0xd5, 0x9a, 0x9b, 0x8d, 0x1d, 42 | 0xba, 0xda, 0x25, 0xb9, 0xc6, 0xd8, 0xdf, 0xc1, 0x15, 0x02, 0x3a, 0xab, 43 | 0xda, 0x6e, 0xf1, 0x3e, 0x2e, 0xf5, 0x5c, 0x08, 0x9c, 0x3c, 0xd6, 0x83, 44 | 0x69, 0xe4, 0x10, 0x9b, 0x19, 0x2a, 0xb6, 0x29, 0x57, 0xe3, 0xe5, 0x3d, 45 | 0x9b, 0x9f, 0xf0, 0x02, 0x5d, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x42, 46 | 0x30, 0x40, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 47 | 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x0e, 0x06, 0x03, 0x55, 48 | 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 0x02, 0x01, 0x06, 0x30, 49 | 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0xc4, 0xa7, 50 | 0xb1, 0xa4, 0x7b, 0x2c, 0x71, 0xfa, 0xdb, 0xe1, 0x4b, 0x90, 0x75, 0xff, 51 | 0xc4, 0x15, 0x60, 0x85, 0x89, 0x10, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 52 | 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x03, 0x82, 0x01, 53 | 0x01, 0x00, 0xa3, 0x1a, 0x2c, 0x9b, 0x17, 0x00, 0x5c, 0xa9, 0x1e, 0xee, 54 | 0x28, 0x66, 0x37, 0x3a, 0xbf, 0x83, 0xc7, 0x3f, 0x4b, 0xc3, 0x09, 0xa0, 55 | 0x95, 0x20, 0x5d, 0xe3, 0xd9, 0x59, 0x44, 0xd2, 0x3e, 0x0d, 0x3e, 0xbd, 56 | 0x8a, 0x4b, 0xa0, 0x74, 0x1f, 0xce, 0x10, 0x82, 0x9c, 0x74, 0x1a, 0x1d, 57 | 0x7e, 0x98, 0x1a, 0xdd, 0xcb, 0x13, 0x4b, 0xb3, 0x20, 0x44, 0xe4, 0x91, 58 | 0xe9, 0xcc, 0xfc, 0x7d, 0xa5, 0xdb, 0x6a, 0xe5, 0xfe, 0xe6, 0xfd, 0xe0, 59 | 0x4e, 0xdd, 0xb7, 0x00, 0x3a, 0xb5, 0x70, 0x49, 0xaf, 0xf2, 0xe5, 0xeb, 60 | 0x02, 0xf1, 0xd1, 0x02, 0x8b, 0x19, 0xcb, 0x94, 0x3a, 0x5e, 0x48, 0xc4, 61 | 0x18, 0x1e, 0x58, 0x19, 0x5f, 0x1e, 0x02, 0x5a, 0xf0, 0x0c, 0xf1, 0xb1, 62 | 0xad, 0xa9, 0xdc, 0x59, 0x86, 0x8b, 0x6e, 0xe9, 0x91, 0xf5, 0x86, 0xca, 63 | 0xfa, 0xb9, 0x66, 0x33, 0xaa, 0x59, 0x5b, 0xce, 0xe2, 0xa7, 0x16, 0x73, 64 | 0x47, 0xcb, 0x2b, 0xcc, 0x99, 0xb0, 0x37, 0x48, 0xcf, 0xe3, 0x56, 0x4b, 65 | 0xf5, 0xcf, 0x0f, 0x0c, 0x72, 0x32, 0x87, 0xc6, 0xf0, 0x44, 0xbb, 0x53, 66 | 0x72, 0x6d, 0x43, 0xf5, 0x26, 0x48, 0x9a, 0x52, 0x67, 0xb7, 0x58, 0xab, 67 | 0xfe, 0x67, 0x76, 0x71, 0x78, 0xdb, 0x0d, 0xa2, 0x56, 0x14, 0x13, 0x39, 68 | 0x24, 0x31, 0x85, 0xa2, 0xa8, 0x02, 0x5a, 0x30, 0x47, 0xe1, 0xdd, 0x50, 69 | 0x07, 0xbc, 0x02, 0x09, 0x90, 0x00, 0xeb, 0x64, 0x63, 0x60, 0x9b, 0x16, 70 | 0xbc, 0x88, 0xc9, 0x12, 0xe6, 0xd2, 0x7d, 0x91, 0x8b, 0xf9, 0x3d, 0x32, 71 | 0x8d, 0x65, 0xb4, 0xe9, 0x7c, 0xb1, 0x57, 0x76, 0xea, 0xc5, 0xb6, 0x28, 72 | 0x39, 0xbf, 0x15, 0x65, 0x1c, 0xc8, 0xf6, 0x77, 0x96, 0x6a, 0x0a, 0x8d, 73 | 0x77, 0x0b, 0xd8, 0x91, 0x0b, 0x04, 0x8e, 0x07, 0xdb, 0x29, 0xb6, 0x0a, 74 | 0xee, 0x9d, 0x82, 0x35, 0x35, 0x10}; 75 | 76 | const unsigned int caCertLen = 846; 77 | -------------------------------------------------------------------------------- /ESP8266/HTTPSRequestCACert/HTTPSRequestCACert.ino: -------------------------------------------------------------------------------- 1 | /* 2 | HTTP over TLS (HTTPS) example sketch 3 | 4 | This example demonstrates how to use 5 | WiFiClientSecure class to connect to a TLS server. 6 | 7 | This example verifies server certificate using the 8 | root CA certificate. 9 | 10 | We fetch and display the status of 11 | esp8266/Arduino project continuous integration 12 | build. 13 | 14 | Created by Ivan Grokhotkov, 2017. 15 | This example is in public domain. 16 | */ 17 | 18 | #include 19 | #include 20 | #include 21 | #include 22 | 23 | const char* ssid = mySSID; 24 | const char* password = myPASSWORD; 25 | 26 | const char* host = "api.github.com"; 27 | const int httpsPort = 443; 28 | 29 | // Root certificate used by api.github.com. 30 | // Defined in "CACert" tab. 31 | extern const unsigned char caCert[] PROGMEM; 32 | extern const unsigned int caCertLen; 33 | 34 | WiFiClientSecure client; 35 | 36 | void setup() { 37 | Serial.begin(115200); 38 | Serial.println(); 39 | Serial.print("connecting to "); 40 | Serial.println(ssid); 41 | WiFi.mode(WIFI_STA); 42 | WiFi.begin(ssid, password); 43 | while (WiFi.status() != WL_CONNECTED) { 44 | delay(500); 45 | Serial.print("."); 46 | } 47 | Serial.println(""); 48 | Serial.println("WiFi connected"); 49 | Serial.println("IP address: "); 50 | Serial.println(WiFi.localIP()); 51 | 52 | // Synchronize time useing SNTP. This is necessary to verify that 53 | // the TLS certificates offered by the server are currently valid. 54 | Serial.print("Setting time using SNTP"); 55 | configTime(8 * 3600, 0, "pool.ntp.org", "time.nist.gov"); 56 | time_t now = time(nullptr); 57 | while (now < 8 * 3600 * 2) { 58 | delay(500); 59 | Serial.print("."); 60 | now = time(nullptr); 61 | } 62 | Serial.println(""); 63 | struct tm timeinfo; 64 | gmtime_r(&now, &timeinfo); 65 | Serial.print("Current time: "); 66 | Serial.print(asctime(&timeinfo)); 67 | 68 | // Load root certificate in DER format into WiFiClientSecure object 69 | bool res = client.setCACert_P(caCert, caCertLen); 70 | if (!res) { 71 | Serial.println("Failed to load root CA certificate!"); 72 | while (true) { 73 | yield(); 74 | } 75 | } 76 | } 77 | 78 | void loop() { 79 | // Connect to remote server 80 | Serial.print("connecting to "); 81 | Serial.println(host); 82 | if (!client.connect(host, httpsPort)) { 83 | Serial.println("connection failed"); 84 | return; 85 | } 86 | 87 | // Verify validity of server's certificate 88 | if (client.verifyCertChain(host)) { 89 | Serial.println("Server certificate verified"); 90 | } else { 91 | Serial.println("ERROR: certificate verification failed!"); 92 | // return; 93 | } 94 | 95 | String url = "/repos/esp8266/Arduino/commits/master/status"; 96 | Serial.print("requesting URL: "); 97 | Serial.println(url); 98 | 99 | client.print(String("GET ") + url + " HTTP/1.1\r\n" + 100 | "Host: " + host + "\r\n" + 101 | "User-Agent: BuildFailureDetectorESP8266\r\n" + 102 | "Connection: close\r\n\r\n"); 103 | 104 | Serial.println("request sent"); 105 | while (client.connected()) { 106 | String line = client.readStringUntil('\n'); 107 | if (line == "\r") { 108 | Serial.println("headers received"); 109 | break; 110 | } 111 | } 112 | String line = client.readStringUntil('\n'); 113 | if (line.startsWith("{\"state\":\"success\"")) { 114 | Serial.println("esp8266/Arduino CI successfull!"); 115 | } else { 116 | Serial.println("esp8266/Arduino CI has failed"); 117 | } 118 | Serial.println("reply was:"); 119 | Serial.println("=========="); 120 | Serial.println(line); 121 | Serial.println("=========="); 122 | Serial.println(); 123 | 124 | static int repeat = 0; 125 | if (++repeat == 3) { 126 | Serial.println("Done"); 127 | while (true) { 128 | delay(1000); 129 | } 130 | } 131 | delay(10000); 132 | } 133 | 134 | 135 | -------------------------------------------------------------------------------- /ESP8266/HTTPSRequestCACertmySSL/CACert.ino: -------------------------------------------------------------------------------- 1 | // howMyssl.cer 2 | const unsigned char caCert[] PROGMEM = { 3 | 4 | 0x30, 0x82, 0x03, 0x4a, 0x30, 0x82, 0x02, 0x32, 0xa0, 0x03, 0x02, 0x01, 5 | 0x02, 0x02, 0x10, 0x44, 0xaf, 0xb0, 0x80, 0xd6, 0xa3, 0x27, 0xba, 0x89, 6 | 0x30, 0x39, 0x86, 0x2e, 0xf8, 0x40, 0x6b, 0x30, 0x0d, 0x06, 0x09, 0x2a, 7 | 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x3f, 8 | 0x31, 0x24, 0x30, 0x22, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x1b, 0x44, 9 | 0x69, 0x67, 0x69, 0x74, 0x61, 0x6c, 0x20, 0x53, 0x69, 0x67, 0x6e, 0x61, 10 | 0x74, 0x75, 0x72, 0x65, 0x20, 0x54, 0x72, 0x75, 0x73, 0x74, 0x20, 0x43, 11 | 0x6f, 0x2e, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 12 | 0x0e, 0x44, 0x53, 0x54, 0x20, 0x52, 0x6f, 0x6f, 0x74, 0x20, 0x43, 0x41, 13 | 0x20, 0x58, 0x33, 0x30, 0x1e, 0x17, 0x0d, 0x30, 0x30, 0x30, 0x39, 0x33, 14 | 0x30, 0x32, 0x31, 0x31, 0x32, 0x31, 0x39, 0x5a, 0x17, 0x0d, 0x32, 0x31, 15 | 0x30, 0x39, 0x33, 0x30, 0x31, 0x34, 0x30, 0x31, 0x31, 0x35, 0x5a, 0x30, 16 | 0x3f, 0x31, 0x24, 0x30, 0x22, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x1b, 17 | 0x44, 0x69, 0x67, 0x69, 0x74, 0x61, 0x6c, 0x20, 0x53, 0x69, 0x67, 0x6e, 18 | 0x61, 0x74, 0x75, 0x72, 0x65, 0x20, 0x54, 0x72, 0x75, 0x73, 0x74, 0x20, 19 | 0x43, 0x6f, 0x2e, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x03, 20 | 0x13, 0x0e, 0x44, 0x53, 0x54, 0x20, 0x52, 0x6f, 0x6f, 0x74, 0x20, 0x43, 21 | 0x41, 0x20, 0x58, 0x33, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 22 | 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 23 | 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 24 | 0x00, 0xdf, 0xaf, 0xe9, 0x97, 0x50, 0x08, 0x83, 0x57, 0xb4, 0xcc, 0x62, 25 | 0x65, 0xf6, 0x90, 0x82, 0xec, 0xc7, 0xd3, 0x2c, 0x6b, 0x30, 0xca, 0x5b, 26 | 0xec, 0xd9, 0xc3, 0x7d, 0xc7, 0x40, 0xc1, 0x18, 0x14, 0x8b, 0xe0, 0xe8, 27 | 0x33, 0x76, 0x49, 0x2a, 0xe3, 0x3f, 0x21, 0x49, 0x93, 0xac, 0x4e, 0x0e, 28 | 0xaf, 0x3e, 0x48, 0xcb, 0x65, 0xee, 0xfc, 0xd3, 0x21, 0x0f, 0x65, 0xd2, 29 | 0x2a, 0xd9, 0x32, 0x8f, 0x8c, 0xe5, 0xf7, 0x77, 0xb0, 0x12, 0x7b, 0xb5, 30 | 0x95, 0xc0, 0x89, 0xa3, 0xa9, 0xba, 0xed, 0x73, 0x2e, 0x7a, 0x0c, 0x06, 31 | 0x32, 0x83, 0xa2, 0x7e, 0x8a, 0x14, 0x30, 0xcd, 0x11, 0xa0, 0xe1, 0x2a, 32 | 0x38, 0xb9, 0x79, 0x0a, 0x31, 0xfd, 0x50, 0xbd, 0x80, 0x65, 0xdf, 0xb7, 33 | 0x51, 0x63, 0x83, 0xc8, 0xe2, 0x88, 0x61, 0xea, 0x4b, 0x61, 0x81, 0xec, 34 | 0x52, 0x6b, 0xb9, 0xa2, 0xe2, 0x4b, 0x1a, 0x28, 0x9f, 0x48, 0xa3, 0x9e, 35 | 0x0c, 0xda, 0x09, 0x8e, 0x3e, 0x17, 0x2e, 0x1e, 0xdd, 0x20, 0xdf, 0x5b, 36 | 0xc6, 0x2a, 0x8a, 0xab, 0x2e, 0xbd, 0x70, 0xad, 0xc5, 0x0b, 0x1a, 0x25, 37 | 0x90, 0x74, 0x72, 0xc5, 0x7b, 0x6a, 0xab, 0x34, 0xd6, 0x30, 0x89, 0xff, 38 | 0xe5, 0x68, 0x13, 0x7b, 0x54, 0x0b, 0xc8, 0xd6, 0xae, 0xec, 0x5a, 0x9c, 39 | 0x92, 0x1e, 0x3d, 0x64, 0xb3, 0x8c, 0xc6, 0xdf, 0xbf, 0xc9, 0x41, 0x70, 40 | 0xec, 0x16, 0x72, 0xd5, 0x26, 0xec, 0x38, 0x55, 0x39, 0x43, 0xd0, 0xfc, 41 | 0xfd, 0x18, 0x5c, 0x40, 0xf1, 0x97, 0xeb, 0xd5, 0x9a, 0x9b, 0x8d, 0x1d, 42 | 0xba, 0xda, 0x25, 0xb9, 0xc6, 0xd8, 0xdf, 0xc1, 0x15, 0x02, 0x3a, 0xab, 43 | 0xda, 0x6e, 0xf1, 0x3e, 0x2e, 0xf5, 0x5c, 0x08, 0x9c, 0x3c, 0xd6, 0x83, 44 | 0x69, 0xe4, 0x10, 0x9b, 0x19, 0x2a, 0xb6, 0x29, 0x57, 0xe3, 0xe5, 0x3d, 45 | 0x9b, 0x9f, 0xf0, 0x02, 0x5d, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x42, 46 | 0x30, 0x40, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 47 | 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x0e, 0x06, 0x03, 0x55, 48 | 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 0x02, 0x01, 0x06, 0x30, 49 | 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0xc4, 0xa7, 50 | 0xb1, 0xa4, 0x7b, 0x2c, 0x71, 0xfa, 0xdb, 0xe1, 0x4b, 0x90, 0x75, 0xff, 51 | 0xc4, 0x15, 0x60, 0x85, 0x89, 0x10, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 52 | 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x03, 0x82, 0x01, 53 | 0x01, 0x00, 0xa3, 0x1a, 0x2c, 0x9b, 0x17, 0x00, 0x5c, 0xa9, 0x1e, 0xee, 54 | 0x28, 0x66, 0x37, 0x3a, 0xbf, 0x83, 0xc7, 0x3f, 0x4b, 0xc3, 0x09, 0xa0, 55 | 0x95, 0x20, 0x5d, 0xe3, 0xd9, 0x59, 0x44, 0xd2, 0x3e, 0x0d, 0x3e, 0xbd, 56 | 0x8a, 0x4b, 0xa0, 0x74, 0x1f, 0xce, 0x10, 0x82, 0x9c, 0x74, 0x1a, 0x1d, 57 | 0x7e, 0x98, 0x1a, 0xdd, 0xcb, 0x13, 0x4b, 0xb3, 0x20, 0x44, 0xe4, 0x91, 58 | 0xe9, 0xcc, 0xfc, 0x7d, 0xa5, 0xdb, 0x6a, 0xe5, 0xfe, 0xe6, 0xfd, 0xe0, 59 | 0x4e, 0xdd, 0xb7, 0x00, 0x3a, 0xb5, 0x70, 0x49, 0xaf, 0xf2, 0xe5, 0xeb, 60 | 0x02, 0xf1, 0xd1, 0x02, 0x8b, 0x19, 0xcb, 0x94, 0x3a, 0x5e, 0x48, 0xc4, 61 | 0x18, 0x1e, 0x58, 0x19, 0x5f, 0x1e, 0x02, 0x5a, 0xf0, 0x0c, 0xf1, 0xb1, 62 | 0xad, 0xa9, 0xdc, 0x59, 0x86, 0x8b, 0x6e, 0xe9, 0x91, 0xf5, 0x86, 0xca, 63 | 0xfa, 0xb9, 0x66, 0x33, 0xaa, 0x59, 0x5b, 0xce, 0xe2, 0xa7, 0x16, 0x73, 64 | 0x47, 0xcb, 0x2b, 0xcc, 0x99, 0xb0, 0x37, 0x48, 0xcf, 0xe3, 0x56, 0x4b, 65 | 0xf5, 0xcf, 0x0f, 0x0c, 0x72, 0x32, 0x87, 0xc6, 0xf0, 0x44, 0xbb, 0x53, 66 | 0x72, 0x6d, 0x43, 0xf5, 0x26, 0x48, 0x9a, 0x52, 0x67, 0xb7, 0x58, 0xab, 67 | 0xfe, 0x67, 0x76, 0x71, 0x78, 0xdb, 0x0d, 0xa2, 0x56, 0x14, 0x13, 0x39, 68 | 0x24, 0x31, 0x85, 0xa2, 0xa8, 0x02, 0x5a, 0x30, 0x47, 0xe1, 0xdd, 0x50, 69 | 0x07, 0xbc, 0x02, 0x09, 0x90, 0x00, 0xeb, 0x64, 0x63, 0x60, 0x9b, 0x16, 70 | 0xbc, 0x88, 0xc9, 0x12, 0xe6, 0xd2, 0x7d, 0x91, 0x8b, 0xf9, 0x3d, 0x32, 71 | 0x8d, 0x65, 0xb4, 0xe9, 0x7c, 0xb1, 0x57, 0x76, 0xea, 0xc5, 0xb6, 0x28, 72 | 0x39, 0xbf, 0x15, 0x65, 0x1c, 0xc8, 0xf6, 0x77, 0x96, 0x6a, 0x0a, 0x8d, 73 | 0x77, 0x0b, 0xd8, 0x91, 0x0b, 0x04, 0x8e, 0x07, 0xdb, 0x29, 0xb6, 0x0a, 74 | 0xee, 0x9d, 0x82, 0x35, 0x35, 0x10}; 75 | 76 | const unsigned int caCertLen = 846; 77 | -------------------------------------------------------------------------------- /ESP8266/HTTPSRequestCACertmySSL/HTTPSRequestCACertmySSL.ino: -------------------------------------------------------------------------------- 1 | /* 2 | HTTP over TLS (HTTPS) example sketch 3 | 4 | This example demonstrates how to use 5 | WiFiClientSecure class to connect to a TLS server. 6 | 7 | This example verifies server certificate using the 8 | root CA certificate. 9 | 10 | We fetch and display the status of 11 | esp8266/Arduino project continuous integration 12 | build. 13 | 14 | Created by Ivan Grokhotkov, 2017. 15 | This example is in public domain. 16 | */ 17 | 18 | #include 19 | #include 20 | #include 21 | #include 22 | 23 | const char* ssid = mySSID; 24 | const char* password = myPASSWORD; 25 | 26 | const char* host = "howsmyssl.com"; 27 | const int httpsPort = 443; 28 | 29 | // Root certificate used by https://www.howsmyssl.com/. 30 | // Defined in "CACert" tab. 31 | extern const unsigned char caCert[] PROGMEM; 32 | extern const unsigned int caCertLen; 33 | 34 | WiFiClientSecure client; 35 | 36 | void setup() { 37 | Serial.begin(115200); 38 | Serial.println(); 39 | Serial.print("connecting to "); 40 | Serial.println(ssid); 41 | WiFi.mode(WIFI_STA); 42 | WiFi.begin(ssid, password); 43 | while (WiFi.status() != WL_CONNECTED) { 44 | delay(500); 45 | Serial.print("."); 46 | } 47 | Serial.println(""); 48 | Serial.println("WiFi connected"); 49 | Serial.println("IP address: "); 50 | Serial.println(WiFi.localIP()); 51 | 52 | // Synchronize time useing SNTP. This is necessary to verify that 53 | // the TLS certificates offered by the server are currently valid. 54 | Serial.print("Setting time using SNTP"); 55 | configTime(8 * 3600, 0, "pool.ntp.org", "time.nist.gov"); 56 | time_t now = time(nullptr); 57 | while (now < 8 * 3600 * 2) { 58 | delay(500); 59 | Serial.print("."); 60 | now = time(nullptr); 61 | } 62 | Serial.println(""); 63 | struct tm timeinfo; 64 | gmtime_r(&now, &timeinfo); 65 | Serial.print("Current time: "); 66 | Serial.print(asctime(&timeinfo)); 67 | 68 | // Load root certificate in DER format into WiFiClientSecure object 69 | bool res = client.setCACert_P(caCert, caCertLen); 70 | if (!res) { 71 | Serial.println("Failed to load root CA certificate!"); 72 | while (true) { 73 | yield(); 74 | } 75 | } 76 | } 77 | 78 | void loop() { 79 | // Connect to remote server 80 | Serial.print("connecting to "); 81 | Serial.println(host); 82 | if (!client.connect(host, httpsPort)) { 83 | Serial.println("connection failed"); 84 | return; 85 | } 86 | 87 | // Verify validity of server's certificate 88 | if (client.verifyCertChain(host)) { 89 | Serial.println("Server certificate verified"); 90 | } else { 91 | Serial.println("ERROR: certificate verification failed!"); 92 | // return; 93 | } 94 | 95 | Serial.println("\nStarting connection to server..."); 96 | if (!client.connect(host, 443)) 97 | Serial.println("Connection failed!"); 98 | else { 99 | Serial.println("Connected to server!"); 100 | // Make a HTTP request: 101 | client.println("GET https://www.howsmyssl.com/a/check HTTP/1.0"); 102 | client.println("Host: www.howsmyssl.com"); 103 | client.println("Connection: close"); 104 | client.println(); 105 | 106 | Serial.println("request sent"); 107 | } 108 | while (client.connected()) { 109 | String line = client.readStringUntil('\n'); 110 | if (line == "\r") { 111 | Serial.println("headers received"); 112 | break; 113 | } 114 | } 115 | String line = client.readStringUntil('\n'); 116 | Serial.println("reply was:"); 117 | Serial.println("=========="); 118 | Serial.println(line); 119 | Serial.println("=========="); 120 | Serial.println(); 121 | 122 | static int repeat = 0; 123 | if (++repeat == 3) { 124 | Serial.println("Done"); 125 | while (true) { 126 | delay(1000); 127 | } 128 | } 129 | delay(10000); 130 | } 131 | 132 | 133 | -------------------------------------------------------------------------------- /ESP8266/HTTPSRequestHowMySSL/HTTPSRequestHowMySSL.ino: -------------------------------------------------------------------------------- 1 | /* 2 | HTTP over TLS (HTTPS) example sketch 3 | 4 | This example demonstrates how to use 5 | WiFiClientSecure class to access HTTPS API. 6 | We fetch and display the status of 7 | esp8266/Arduino project continuous integration 8 | build. 9 | 10 | Limitations: 11 | only RSA certificates 12 | no support of Perfect Forward Secrecy (PFS) 13 | TLSv1.2 is supported since version 2.4.0-rc1 14 | 15 | Created by Ivan Grokhotkov, 2015. 16 | This example is in public domain. 17 | */ 18 | 19 | #include 20 | #include 21 | #include 22 | 23 | const char* ssid = mySSID; 24 | const char* password = myPASSWORD; 25 | 26 | //const char* host = "howsmyssl.com"; 27 | //const char* fingerprint = "B2 6F 23 D1 90 D5 41 5E CD 20 61 7A 74 31 DA B2 9C E4 48 97"; //howsmyssl 28 | 29 | //const char* host = "google.com"; 30 | //const char* fingerprint = "76 FB 50 5F 7C 81 7D 89 6B 42 14 24 43 DE 86 E7 3C D9 85 5F"; //google 31 | 32 | //const char* host = "thingspeak.com"; 33 | //const char* fingerprint = "F9 C2 65 6C F9 EF 7F 66 8B F7 35 FE 15 EA 82 9F 5F 55 54 3E"; //Thingspeak 34 | 35 | const char* host = "howsmyssl.com"; 36 | const char* fingerprint = "b2 6f 23 d1 90 d5 41 5e cd 20 61 7a 74 31 da b2 9c e4 48 97"; //howsmyssl 37 | 38 | const int httpsPort = 443; 39 | 40 | void setup() { 41 | Serial.begin(115200); 42 | Serial.println(); 43 | Serial.print("connecting to "); 44 | Serial.println(ssid); 45 | WiFi.mode(WIFI_STA); 46 | WiFi.begin(ssid, password); 47 | while (WiFi.status() != WL_CONNECTED) { 48 | delay(500); 49 | Serial.print("."); 50 | } 51 | Serial.println(""); 52 | Serial.println("WiFi connected"); 53 | Serial.println("IP address: "); 54 | Serial.println(WiFi.localIP()); 55 | 56 | // Use WiFiClientSecure class to create TLS connection 57 | WiFiClientSecure client; 58 | Serial.print("connecting to "); 59 | Serial.println(host); 60 | if (!client.connect(host, httpsPort)) { 61 | Serial.println("connection failed"); 62 | return; 63 | } 64 | 65 | if (client.verify(fingerprint, host)) { 66 | Serial.println("fingerprint matches"); 67 | } else { 68 | Serial.println("fingerprint doesn't match"); 69 | } 70 | 71 | Serial.println("\nStarting connection to server..."); 72 | if (!client.connect(host, 443)) 73 | Serial.println("Connection failed!"); 74 | else { 75 | Serial.println("Connected to server!"); 76 | // Make a HTTP request: 77 | client.print("GET https://www."); 78 | client.print(host); 79 | client.println("/a/check HTTP/1.0"); 80 | client.print("Host: "); 81 | client.println(host); 82 | 83 | Serial.print("GET https://"); 84 | Serial.print(host); 85 | Serial.println("/a/check HTTP/1.0"); 86 | Serial.println("Host: "); 87 | Serial.println(host); 88 | client.println("Connection: close"); 89 | client.println(); 90 | 91 | Serial.println("request sent"); 92 | } 93 | while (client.connected()) { 94 | String line = client.readStringUntil('\n'); 95 | if (line == "\r") { 96 | Serial.println("headers received"); 97 | break; 98 | } 99 | } 100 | String line = client.readStringUntil('\n'); 101 | Serial.println("reply was:"); 102 | Serial.println("=========="); 103 | Serial.println(line); 104 | Serial.println("=========="); 105 | Serial.println("closing connection"); 106 | } 107 | 108 | void loop() { 109 | } 110 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2018 SensorsIOT 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # HTTPS for Makers 2 | 3 | code for Youtube video: https://youtu.be/Wm1xKj4bKsY 4 | 5 | 6 | Examples to call HTTPS sites for ESP8266 and ESP32 7 | 8 | Python programs to format certificates for both platforms. 9 | 10 | please delete line #define credentials.h or move the file from here to your Arduino library folder 11 | -------------------------------------------------------------------------------- /credentials.h: -------------------------------------------------------------------------------- 1 | 2 | #define CREDENTIALS 1 3 | 4 | // WLAN 5 | #define mySSID "................" 6 | #define myPASSWORD "............" --------------------------------------------------------------------------------