无法使用 WifiClientSecure 连接 https 协议与 ESP8266

Question

我正在尝试通过unwiredlabs获取 ESP8266 的位置。我接着做了这个介绍。这是我的arduino代码：

#include <ESP8266HTTPClient.h>
#include  <ArduinoJson.h>
#include "ESP8266WiFi.h"

char myssid[] = "Your wifi/hotspot name";
char mypass[] = "Your password";

const char* Host = "www.unwiredlabs.com";
String endpoint = "/v2/process.php";

String token = "d99cccda52ec0b";

String jsonString = "{\n";

double latitude = 0.0;
double longitude = 0.0;
double accuracy = 0.0;

void setup(){
    Serial.begin(115200);

    // Set WiFi to station mode and disconnect from an AP if it was previously connected
    WiFi.mode(WIFI_STA);
    WiFi.disconnect();
    Serial.println("Setup done");

    // We start by connecting to a WiFi network
    Serial.print("Connecting to ");
    Serial.println(myssid);
    WiFi.begin(myssid, mypass);

    while (WiFi.status() != WL_CONNECTED) {
        delay(500);
        Serial.print(".");
    }
    Serial.println(".");
}

void loop() {
    char bssid[6];
    DynamicJsonBuffer jsonBuffer;

    // WiFi.scanNetworks will return the number of networks found
    int n = WiFi.scanNetworks();
    Serial.println("scan done");

    if (n == 0 ) {
        Serial.println("No networks available");
    } else {
        Serial.print(n);
        Serial.println(" networks found");
    }

      // now build the jsonString...
      jsonString = "{\n";
      jsonString += "\"token\" : \"";
      jsonString += token;
      jsonString += "\",\n";
      jsonString += "\"id\" : \"saikirandevice01\",\n";
      jsonString += "\"wifi\": [\n";
      for (int j = 0; j < n; ++j) {
          jsonString += "{\n";
          jsonString += "\"bssid\" : \"";
          jsonString += (WiFi.BSSIDstr(j));
          jsonString += "\",\n";
          jsonString += "\"signal\": ";
          jsonString += WiFi.RSSI(j);
          jsonString += "\n";
          if (j < n - 1) {
              jsonString += "},\n";
          } else {
              jsonString += "}\n";
          }
      }
      jsonString += ("]\n");
      jsonString += ("}\n");
      Serial.println(jsonString);

      WiFiClientSecure client;

      //Connect to the client and make the api call
      Serial.println("Requesting URL: https://" + (String)Host + endpoint);
      if (client.connect(Host, 443)) {
          Serial.println("Connected");
          client.println("POST " + endpoint + " HTTP/1.1");
          client.println("Host: " + (String)Host);
          client.println("Connection: close");
          client.println("Content-Type: application/json");
          client.println("User-Agent: Arduino/1.0");
          client.print("Content-Length: ");
          client.println(jsonString.length());
          client.println();
          client.print(jsonString);
          delay(500);
      }

      //Read and parse all the lines of the reply from server
      while (client.available()) {
          String line = client.readStringUntil('\r');
          JsonObject& root = jsonBuffer.parseObject(line);
          if (root.success()) {
              latitude    = root["lat"];
              longitude   = root["lon"];
              accuracy    = root["accuracy"];

              Serial.println();
              Serial.print("Latitude = ");
              Serial.println(latitude, 6);
              Serial.print("Longitude = ");
              Serial.println(longitude, 6);
              Serial.print("Accuracy = ");
              Serial.println(accuracy);
          }
      }

      Serial.println("closing connection");
      Serial.println();
      client.stop();

      delay(5000);
}

当代码烧录到esp8266时，显示无法连接到https://www.instructables.com/v2/process.php.

ESP串行输出：

... // some initial setup string
Requesting URL: https://unwiredlabs.com/v2/process.php
// if connected, "connected" was printed here, but not
closing connection

然后，我尝试https://unwiredlabs.com/v2/process.php在chrome浏览器上使用url。这是消息：

{
status: "error",
message: "Invalid request",
balance: 0,
help: "Check for misplaced commas and use double quotes to encapsulate strings"
}

这证明这个网址存在，但是当我尝试时Postman，它显示：

然后，我关掉了SSL certificate verifycation邮递员。它响应错误403 Forbidden。所以我认为引起问题的原因是 SSL 证书验证WifiClientSecure。

有人可以帮忙吗？

Answer 1

SSL - 至少此代码尝试使用它的方式 - 需要您尝试连接的站点的指纹。在尝试连接到该站点之前，代码需要告诉其客户端对象该站点的指纹。

\n\n

第 1 步：手动从站点检索指纹：\n我在 Chrome 中浏览到https://www.unwiredlabs.com并复制了站点证书，然后在 Windows 上的 git bash 中使用 openSSL 来提取指纹：

\n\n

openssl x509 -noout -fingerprint -sha1 -inform pem -in certificate-file.cer > fingerprint.txt\n

\n\n

然后，我编辑了生成的 Fingerprint.txt 文件，将每个 \':\' 替换为空格。

\n\n

在网络上搜索有关如何使用 Chrome 或您正在使用的任何浏览器复制引用证书的详细信息。

\n\n

步骤 2：编辑代码以将指纹添加到 Sketch：\n我添加了常量“sslFingerprint”，并在调用 client.connect() 之前添加了对 client.setFingerprint() 的调用。

\n\n

然后，我删除了与连接到该站点无关的代码，创建了一个示例草图来说明成功连接到 unwiredlabs.com：

\n\n

#include <ESP8266HTTPClient.h>\n#include "ESP8266WiFi.h"\n\n// The SSL Fingerprint of https://www.unwiredlabs.com\n// Certificate expires \xe2\x80\x8eOctober \xe2\x80\x8e9, \xe2\x80\x8e2020\nconst char *sslFingerprint\n  = "C3 3E 2F 21 CB 15 4E 02 D5 27 E5 F6 EF FB 31 AE 91 51 A3 5D";\n\nchar myssid[] = "yourWiFiSSID";\nchar mypass[] = "yourWiFiPassword";\n\nconst char* Host = "www.unwiredlabs.com";\nString endpoint = "/v2/process.php";\n\nvoid setup() {\n  Serial.begin(9600);\n\n  // Set WiFi to station mode and disconnect from an AP if it was previously connected\n  WiFi.mode(WIFI_STA);\n  WiFi.disconnect();\n  Serial.println("Setup done");\n\n  // We start by connecting to a WiFi network\n  Serial.print("Connecting to ");\n  Serial.println(myssid);\n  WiFi.begin(myssid, mypass);\n\n  while (WiFi.status() != WL_CONNECTED) {\n    delay(500);\n    Serial.print(".");\n  }\n  Serial.println(".");\n}\n\nvoid loop() {\n  WiFiClientSecure client;\n\n  //Connect to the client and make the api call\n  Serial.println("Requesting URL: https://" + (String)Host + endpoint);\n  client.setFingerprint(sslFingerprint);\n  if (client.connect(Host, 443)) {\n    Serial.println("Connected");\n  }\n  Serial.println("closing connection");\n  Serial.println();\n  client.stop();\n\n  delay(5000);\n}\n

\n\n

当在 Sparkfun ESP8266 Thing 开发板上运行时，Sketch 会产生以下输出：

\n\n

......\nRequesting URL: https://www.unwiredlabs.com/v2/process.php\nConnected\nclosing connection\n

\n