I am having some issues while working with SIM800. I am trying to upload SSL certificate but it is not going through. I created a certificate saved it in .cer format. I wrote the certificate in SIM800. I am able to read the content of cer file also. But somehow simcom gave an error when I tried AT+SSLSETCERT.
Please check if you have specified the path and name of file properly.
Following are command and log file from my test setup.
AT+FSLS=\
User\
#bt\
#btmtk\
#BTMre\
myserver_net.crt
OK
AT+FSFLSIZE=\myserver_net.crt
+FSFLSIZE: 1911
AT+SSLSETCERT="\myserver_net.crt","ABCD123"
+SSLSETCERT: 0
As you can see , the import is successful.
But I have other problems after this step. The SIM800C is not able to GET or PUT with FTPS. I get error 1,80 or 1,64 . So first see if you get solution for your problem as above and then let me know if you are able to transfer files.
Related
I am trying to run the code from this repository
https://github.com/kbhokray/aadhaar
But getting error 570 as the included certificate is expired.
I replaced the uidai_auth_stage.cer with the latest file "AuthStaging25082025.cer" from this link
https://uidai.gov.in/en/ecosystem/authentication-devices-documents/developer-section/916-developer-section/data-and-downloads-section.html
Still getting same error.
It seems I need to replace the "Staging_Signature_PrivateKey.p12" too with latest one but the .p12 download link does not work on this website.
Can anyone help to spot where is the latest key to download or if I am making some other mistake in running this?
I'm getting errors, such as the one below, in my /var/log/mail.log file.
Apr 9 18:28:29 blueberry postfix/smtps/smtpd[13294]: warning: TLS library problem: error:14094415:SSL routines:ssl3_read_bytes:sslv3 alert certificate expired:../ssl/record/rec_layer_s3.c:1544:SSL alert number 45:
I'm 100% sure the certificates are valid since I'm using them on my websites, all of which couldn't be happier with them. Postfix was also happy previously, but since I renewed the certificates it's been spamming this when my Nextcloud server tries to (and can't) connect to the mail server, despite my mail client still working (although without rDNS as I didn't manage to get my provider to set it up).
I assume the blame is somewhere with Nextcloud - presumably the php handler for mail. Another thing that could be at fault that I tried to check is OpenSSL, but I have no idea how to replace its certificates with my own (generated by Acme.sh).
Both dovecot and postfix have in their config mentioned the correct path to my keys, hence the assumption above.
EDIT: Fixed it.
So, turns out, when I updated my certificate locations when I changed the method of acquiring them (certbot vs acme.sh), I got a typo in one of the filenames. /etc/dovecot/conf.d/10-ssl.conf was correct and so was /etc/postfix/main.cf, but /etc/postfix/vmail_ssl.map had a typo which I didn't see previously - and so was throwing a certificate error.
This has been a problem for myself and my colleagues who have also tried this for quite some time (we keep revisiting the issue to try and fix) whereby the process of getting the packages for a flutter app fails. It works perfectly from my home pc but in work it does not.
Running flutter pub get from my cli returns pub get failed (-10737418819). If I append -v to flutter pub get I get much more information which describes the HTTP get it attempts to make which is:
https://pub.dartlang.org/api/packages/cupertino_icons
with an accept header of 'application/vnd.pub.v2+json'
If I then use a tool such as Postman to send a Http Get with this information, it fails and reports that it could be down to:
Self-signed SSL certificates are being blocked:
Fix this by turning off 'SSL certificate verification' in Settings > General
So I turn this setting off and it works as expected, returning JSON data about the cupertino packages. I think the fix to my problem has something to do with SSL certificate verification but I don't know where to start. Does anyone have any idea?
Generally the Issue is from server side as the Website does not has SSL Certificate and you are trying to access with "https".
use the Same URL we "HTTP" it will work
Are wallets dedicated to the pc where we have created them? or can I move my ewallet.p12 file to another client?
If the answer is "yes, why not?" then could you take a look below?
I did:
create mijn_wallet on a pc on which I could find a proper oracle client installation
download the certificate to a folder
add certificate to mijn_wallet
then I tried to reach to https web site that I've gotten the certificate from.
...
utl_http.set_wallet('file:C:\ora_wall', 'foo');
l_req := utl_http.begin_request(l_url);
l_result := utl_http.get_response(l_req);
however, I keep getting the same sql error message: Certificate Validation Failure
Do you have any suggestion? Thank you very much.
downloading "a certificate" is not enough. moments ago I downloaded all the certificate chain, then imported to my wallet. Now it works..
I'm trying to retrieve data from an open data api. I have downloaded the certificate from the site and imported it into STRUST (SSL Client Anonymous).
Then I created a HTTP connection to external server in SM59. In the beginning it worked fine, until last week when the api changed its URL and so its DNS.
Of course it could no longer be reached by the current host. So I did above steps again for the new URL (changed everything accordingly like hostname etc. in SM59), but this time I receive following error:
SSL handshake with 'hostname:port' failed: SSSLERR_CONN_CLOSED (-10)#Remote
Peer has closed the network connection##SapSSLSessionStartNB()==SSSLERR_CONN_CLOSED##
Anyone has an idea on how to solve this?
On another forum someone helped me solve the problem. He pointed me out that the problem lies with SNI see: https://security.stackexchange.com/questions/101965/ssl3-error-when-requesting-connection-using-tls-1-2/102018#102018
https://en.wikipedia.org/wiki/Server_Name_Indication
To solve this problem you need to add following parameter: icm/HTTPS/client_sni_enabled and set it to TRUE on the DEFAULT profile. Afterwards you need to restart the application server in order to activate the effects of the parameter.
Link to the full question on SCN: https://answers.sap.com/questions/473015/sap-ssl-handshake-failed.html
EDIT:
I came across this error again later on, but this time it seemed that the error was caused because we used a certificate with TLS 1.2 which was not supported by our system. You can check this link: https://launchpad.support.sap.com/#/notes/510007 we implemented number 7 to fix this.