Strictly necessary cookies are on by default and cannot be turned off. Functional, Performance and Tracking/targeting/sharing cookies can be turned on below based on your preferences (this banner will remain available for you to accept cookies). You may change your cookie settings by deleting cookies from your browser. Then this banner will appear again. You can learn more details about cookies HERE.
Strictly necessary (always on)
Functional, Performance and Tracking/targeting/sharing (default off)
Can you get the snip.https_client application working?Do you have a sniffer trace of the TLS transaction that you can upload?Can you provide a URL to a globally accessible server that demonstrates the problem ?There are many variables that affect a TLS connection and without further information it will be very difficult to debug.
I got the wiced_tls_advanced_context working (or parts of it), a Wiced device has a key/certificate and the server a list of client certificates to check against. However I cannot get the Wiced device to verify the server-certificate. It seems to ignore any certificate I initialise (wiced_tls_init_root_ca_certificates) . Taking a step back and modifying the https-client example I get the same result. It connects to a self-signed https server without having the certificate validated (eg not added by wiced_tls_init_root_ca_certificates)The certificates seem to be succesfully parsed (no errors there) and the SSL handshake is performed there is no check on the validity of the CA.Any advise?
SDK 2.4.0 has a bug that fails to correctly verify the CA certificate.
This has been fixed in 2.4.1 and we strongly recommend you update, at a minimum, the besl directory from the 2.4.1 release.
You should also note that the only the top most root CA certificate is verified. The https_client application in 2.4.1 shows how to use the API correctly for https://www.google.com using Root 1 from the GeoTrust root certificate list (Download Root Certificates - GeoTrust). This was the root CA certificate when accessing Google servers from Australia. Depending on your location in the world the Google servers may have certificates signed by other root CA certificates.