TLS (HTTPS) problem with wildcard certificate

IoT Modules Legacy HL Series
1

Hi,
I found a problem with wildcard TLS certificates (ex: *.domain.com).
HL6528x respond with error 13 (SSL error…) on SSL handshake.
Do you have an idea about that ?
Thank you :slight_smile:

2

Hi JCzic,

HL6528 TLS Client supports only TLS 1.0, not TLS1.1 and TLS1.2.
If the server need algorithm like sha256(TLS 1.2), then module will fail to access.

3

Ok thank you :slight_smile:

4

I suppose that *.google.com support all TLS versions to works with any machine?

5

Hi JCzic,
Could you share with me your AT logs?

6

SSL error (13) with HL6528x and now, internal trouble (5) with HL85xxx on https://hc2.fr or https://www.hc2.fr.
Works on https://www.google.fr

Logs :

AT+KHTTPSCFG=1,“hc2.fr

+KHTTPSCFG: 6

OK

+KHTTPS_IND: 6,1
AT+KHTTPSGET=6,"/"

NO CARRIER

+KHTTPS_ERROR: 6,5

7

Hi JCzic,

**Yes I see the +KHTTPS_ERROR : 0, 13 for HL6528. But it is old product and no maintainace now. **
HL8518 and HL8548 can work fine for “www.hc2.fr”.

Here’s my test logs:
--------------
ATI3
SIERRA HL6N,008.10.20CF.7445A
OK
AT+KCNXCFG=1,“GPRS”,"cmnet"
OK
AT+KHTTPSCFG=1,"www.hc2.fr"
+KHTTPSCFG: 0
OK
AT+KHTTPSGET=0,"/"
+KHTTPS_ERROR : 0, 13
-------------
ATI
HL8518
OK
ATI3
RHL85xx.5.14.0.7.5.20171229.x6255
OK
AT+KCNXCFG=1,“GPRS”,"cmnet"
OK
AT+KHTTPSCFG=1,"www.hc2.fr"
+KHTTPSCFG: 1
OK
+KCNX_IND: 1,4,1
+KCNX_IND: 1,1,0
+KHTTPS_IND: 1,1
AT+KHTTPSGET=1,"/"
CONNECT
HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 19416
Content-Type: text/html
Last-Modified: Thu, 30 Aug 2018 23:42:49 GMT
Accept-Ranges: bytes
ETag: "eb6f1f29bb40d41:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 22 Mar 2019 02:44:58 GMT

–EOF–Pattern–
OK
+KHTTPS_IND: 1,3,19691,200,"OK"
--------------
ATI
HL8548-G
OK
ATI3
RHL85xx.5.5.25.1.201809102043.x6250_1
OK
AT+KCNXCFG=1,“GPRS”,"cmnet"
OK
AT+KHTTPSCFG=1,"www.hc2.fr"
+KHTTPSCFG: 1
OK
+KCNX_IND: 1,4,1
+KCNX_IND: 1,1,0
+KHTTPS_IND: 1,1
AT+KHTTPSGET=1,"/"
CONNECT
HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 19416
Content-Type: text/html
Last-Modified: Thu, 30 Aug 2018 23:42:49 GMT
Accept-Ranges: bytes
ETag: "eb6f1f29bb40d41:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 21 Mar 2019 09:52:20 GMT

–EOF–Pattern–
OK
+KHTTPS_IND: 1,3,19691,200,"OK"
--------------

8

Oky I see :slight_smile:

Thank you and have a nice day!