Avatar for sammachin

sammachin

Member since Nov 2016 • Last active Aug 2020
  • 11 conversations
  • 29 comments

Most recent activity

    • 12 comments
    • 406 views
  • Avatar for sammachin

    Did a bit more digging on this and some testing with my espriunio WiFi.
    The 0x7780 error seems to relate to a problem with the certificate chain, likely due to the server using a self signed cert. I get this error thrown with the EsprinoWiFi as well as the Pixl.
    I'm a bit out of my depth but supposedly if you call mbedtls with MBEDTLS_SSL_VERIFY_NONE set then it will ignore the cert chain, I think this line says that should be set in esprunio though? https://github.com/espruino/Espruino/blo­b/master/libs/network/network.c#L599

    Yes I was uploading to flash already, seems like this might be just too much for the nRF52 to deal with on its own, I think I need to look at offloading the SSL to something else like an ESP-32 instead of the ESP-8266 that I'm using anyway
    Its rather annoying that Tesla are forcing the powerwall to use SSL with a self signed cert, the whole project works really nicely if I could just overcome that issue.

  • in Puck.js, Pixl.js and MDBT42
    Avatar for sammachin

    I did some more testing last night;

    Firstly trying to fetch the pur3 page with the pixl returns an out of memory error

    TLS check
    http
    TLS yes?
    =undefined
    Uncaught InternalError: Failed! mbedtls_ssl_handshake returned Not enough memory
    

    Then I tried with my EspruinoWiFi, fetches the pur3 page fine but on the internal IP I get the same 0x7780 error, with a bit of googling this error seems to be related to the certificate chain, as my device uses a self signed cert this makes sense.

    So there are now 2 problems:
    The pixl still can't make an HTTPS request even to a 'good' host
    Espruino doesn't like self signed certs.
    Is there any way to set a flag to ignore the certificate validation and just accept the cert, like the -k option in curl?

  • in Puck.js, Pixl.js and MDBT42
    Avatar for sammachin

    Ok tried that with a modified bit of code to remove the vector font and just log to console but I get an error

    TLS check
    http
    TLS yes?
    =undefined
    Uncaught InternalError: Failed! mbedtls_ssl_handshake returned -0x7780
    
    
  • in Puck.js, Pixl.js and MDBT42
    Avatar for sammachin

    Tried with that build on the pixl and just updating the url to https but it still seems to be making the request over http, this is my code, do I need to do something else?

    digitalWrite(D12,1); // enable ESP8266
    Serial1.setup(115200, { rx: D2, tx : D3 });
    var wifi = require("ESP8266WiFi_0v25").connect(Seri­al1, function(err) {
      if (err) throw err;
      console.log("Connecting to WiFi");
      wifi.connect(SSID, PASSWORD, function(err) {
        if (err) throw err;
        console.log("WiFi Connected");
        getCharge();
      });
    });
    
    
    
    
    function getCharge(){
      var http = require("http");
      http.get("https://192.168.1.127/api/syst­em_status/soe", function(res) {
        var contents = "";
        res.on('data', function(data) { contents += data; });
        res.on('close', function() {
          var d = JSON.parse(contents);
          var charge = Math.round(d.percentage);
          g.clear();
          // Use the small font for a title
          g.setFontBitmap();
          g.drawString("Charge:");
          // Use a large font for the value itself
          g.setFontVector(40);
          g.drawString(`${charge}%`, (g.getWidth()-g.stringWidth(`${charge}%`­))/2,10);
          // Update the screen
          g.flip();
        });
      });
    }
    
  • in Puck.js, Pixl.js and MDBT42
    Avatar for sammachin

    So I know its not currently possible but I'm wondering what options I have for this.
    Currently I've got a board with a few neopixels and an ESP8266 on it that plugs onto a pixl, that then makes requests to an API to get some data which is displayed on the pixl and LEDs.

    The server I'm connecting to only offers HTTPS using a self signed cert and its on an internal network,there are only 2 endpoints I need to get JSON from.
    Currently I'm using a very simple NodeRED flow to act as a reverse proxy and take in a plain HTTP request from the pixl then forward on over HTTPS, but this isn't ideal long term, I'd like to have everyting self contained on the device.

    I don't really want to swap the Pixl for an Espruino WiFi, the screen buttons and BLE are all useful parts of the design.
    Could I replace the ESP8266 with an ESP32 but use this to make the HTTPS requests using its own internal client, I guess I'd need some custom code to talk serial to the E32 and then have it make the requests? Anyone done that? I guess running a second copy of espruino on the ESP-32 would be one way to go
    Whats the fundimental blocker with getting HTTPS from teh nRF52 is it just not capable? Is it a question of time/money?
    Any other ideas?

    • 11 comments
    • 1,481 views
  • in Other Boards
    Avatar for sammachin

    Still same issue, I also tried using my android device and nrfConnnect on there

  • in Other Boards
    Avatar for sammachin

    Got my Thingy:52 in the mail this morning, and trying to put esprunio on it,

    I couldn't see a softdevice file in /binaries for 2.04 so i used the 1.99 one and then put the espruino_1v99_thingy52_app.zip build onto it which worked fine, however I'd now like to update it to 2.04, but using the espruino_2v04_thingy52.zip file I get an Error 'Invalid Object' with DFU from nrfConnect on iOS.

Actions