Upcoming maintenance
Dear Customers and Partners.
This website will be undergoing scheduled maintenance on June 14, 2023. Please be aware there may be disruption to the developer portal website and associated services during the scheduled maintenance period.
This upgrade is essential to ensure the continued performance, reliability, and security of Developer World.
We apologize for any inconvenience.
How to handle multiple SSL connections?
-
I would like to know how to handle multiple ssl connections. My use case is being connected to an MQTT server using certificates (AWS IoT) and making HTTPS connections with a different root CA.
Each by its own seems to work but from time to time I get mbedtls_ssl_handshake() errors. I am wondering if this is related to handling multiple certificates. I can see that certificates are set by e.g. LTE_CMDID_TLS_X509_CRT_PARSE commands. So are they replaced each time? Do I need to make sure connections do not overlap each others?
Would that include each MQTT poll call, sending message and querying HTTPS? What about receiving an MQTT message for which I do not know the timing?
I will try to add the exact error code next time I see it in a log.
I am using the Sony LTE-M extension board with Arduino Libraries as given in the samples.
-
I switched on debug logs for alt1250 on error and warning.
I get this very often from spresense-sdk/spresense/nuttx/drivers/modem/alt1250/alt1250.c line 867 (not the other location)altcom_recvthread: container is not foundIt seems to work also with this message. But I do not understand why I get this.
-
Hi @jens6151-0-1-1
I haven't dealt with this situation before, but I can investigate with you.
Could you share code? -
@CamilaSouza Thanks for the offer. I have an update here.
For now, after replacing ArduinoMQTT with the paho-MQTT of the Spresense-SDK/NuttX (see sample in SDK) and replacing the ArduinoHTTP and LTETLSClient with webclient of Spresense SDK/NuttX, I do not see any issue anymore.
My assumption is that the Arduino libraries are not so performant and therefore cause failures with various codes from time to time.
"container is not found" is still printed but does not cause any visible malfunction.
I still get disconnects, but that should be a misconfiguration no AWS IoT side.fyi, the webclient code.
#define NET_BUFFER_SIZE 4096 static char g_netIoBuffer[NET_BUFFER_SIZE]; static int sink_callback(FAR char** buffer, int offset, int datend, FAR int* buflen, FAR void* arg) { std::string* response = (std::string*)arg; response->append(&((*buffer)[offset]), datend - offset); return 0; } static int httpsGetRequest(const char* url, std::string* response) { struct webclient_context ctx; webclient_set_defaults(&ctx); ctx.method = "GET"; ctx.buffer = g_netIoBuffer; ctx.buflen = NET_BUFFER_SIZE; ctx.sink_callback = sink_callback; ctx.sink_callback_arg = response; ctx.url = url; struct sslutil_tls_context ssl_ctx; SSLUTIL_CTX_INIT(&ssl_ctx); SSLUTIL_CTX_SET_CAFILE(&ssl_ctx, ROOTCA_FILE); ctx.tls_ops = sslutil_webclient_tlsops(); ctx.tls_ctx = (FAR void*)&ssl_ctx; int ret = webclient_perform(&ctx); if (ret != 0) { Log.errorln("CLOUD_MODULE: webclient_perform failed with %d\n", ret); return 0; } ctx.buffer[NET_BUFFER_SIZE - 1] = 0; Log.traceln("CLOUD_MODULE: STATUS=%d, RESPONSE=%s", ctx.http_status, response->c_str()); return ctx.http_status; } -
Hi, @jens6151-0-1-1
Thanks for sharing your solution!
-
@CamilaSouza I conclude that concurrent usage of network connections is no issue (at least not with the Spresense SDK.
I could resolve the disconnects of AWS IoT by switching to AWS IoT SDK which is integrated in NuttX. Paho does not seem to work well. I always get client errors without further reason in the AWS logs.
This issue can be closed.