On 5/5/2017 10:38 AM, Greg Stewart via curl-library wrote: > I'm working with the ESP32 hardware and the libcurl library. I need to > log into a server that requires https. When I run the code below on my > mac, it works just fine. When I move it to the ESP32, it hangs at > "curl_easy_perform". I disabled https on the server and removed the > CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST tokens from the > code, and it worked great on the ESP32. In production, I will not have > this luxury. Any ideas on what might be going wrong?
[...] On 5/5/2017 12:23 PM, Greg Stewart via curl-library wrote: > I confirmed the date and time are correct. I gave it 5 minutes to run, > but no progress. When I enabled verbose, I got back > > * timeout on name lookup is not supported > > * Trying 192.168.1.20... > > * TCP_NODELAY set > > * Connected to 192.168.1.20 (192.168.1.20) port 443 (#0) > > * Error reading ca cert file /etc/ssl/certs/ca-certificates.crt - > mbedTLS: (-0x3E00) PK - Read/write of file failed > > * mbedTLS: Connecting to 192.168.1.20:443 <http://192.168.1.20:443> > > * mbedTLS: Set min SSL version to TLS 1.0 > > > When I run it on my mac, I get > > * Trying 192.168.1.20... > > * Connected to 192.168.1.20 (192.168.1.20) port 443 (#0) > > * TLS 1.2 connection using TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 > > * Server certificate: UBNT-68:72:51:60:4D:4F > > > If the library is looking for "/etc/ssl/certs/ca-certificates.crt" on > the esp32, it won't find it since the esp32 does not have that kind of > file structure. Not sure where to go from here. Please don't top-post it makes the conversation hard to follow [1]. Also when you report a bug we need the curl -V or curl_version() to be able to help, and a minimal self contained example that can reproduce the problem. That example was not minimal. There were some problems using libcurl on ESP32 but they had to do with mbedTLS as far as I know. I suggest you get the latest version of the development framework. Then check if you can use just mbedTLS to connect to your server without a problem. There is some discussion about how to do that and the other problems in these threads: https://github.com/curl/curl/issues/1327 https://github.com/espressif/esp-idf/issues/424 https://github.com/espressif/esp-idf/issues/434 Also as Daniel just said a minute ago that lack of the cert file shouldn't cause a hang. I've CC'd Neil Kolban who fixed one of the mbedTLS bugs in the IoT framework, in case he has any idea what's happening here. [1]: https://curl.haxx.se/mail/etiquette.html#Do_Not_Top_Post
------------------------------------------------------------------- Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.html
