SSL/TLS certificate/key

0 votes

Hi everyone,

I am using a SARA U270 and I am trying to send HTTPS post to a server. I use the AT commands below to set up and activate a PSD connection, set a TCP socket, enable SSL/TLS on that socket and then carry out the HTTP/S setup. Unfortunately after the setup every time I post to the server it fails.

PSD connection

  • AT+UPSD=0,6,1
  • AT+UPSD=0,1,""
  • AT+UPSD=0,2,"abcd"
  • AT+UPSD=0,3,"abcd"
  • AT+UPSDA=0,3

TCP Socket creation

  • AT+USOCR=6

TCP Socket (enable SSL/TLS on socket 0 using default security profile)

  • AT+USOSEC=0,1,0

HTTP/S set up

  • AT+UHTTP=0
  • AT+UHTTP=0,1,""
  • AT+UHTTP=0,6,1,0                               

HTTPS post

  • AT+UHTTPC=0,5,"/api/data/add","result.txt","data=xxxxx",0


From what I have read it would seem that I do not need to have any certificates on my device if I am using the default security profile 0 (when enabling SSL/TLS on the TCP socket and enabling HTTP secure posts). I was hoping some could tell me if this the case or do I still need a certificate/key?

If I do need a certificate/key could someone give me some detail on exactly what I need to do? By this I mean do I need to physically load a key to my device from a file my server admin sends me? Do I load a public or private key? etc. Sorry if my questions seem easy, I quite new to HTTP posting and server communications

by CyberOddity asked Jan 31
+1 vote
Does the server support SSL?

What certificate is required on the server side?

Shouldn't they match?
by grumpy answered Feb 6
Hi Grumpy,

Thanks for the reply. I'm actually using a test server set up by someone else, he set it up to accept https posts but didn't give me much more detail than that. I am quite new to the server side of things and that's why I posted on here. If I use a TCP socket with SSL does he have to have the same configuration? Also does using security profile 0 not negate the need to check for keys/certs?
You may want to check with server people on that.
Yes, setting profile 0 would not require entering your certificates but if server does not accept this then you would not be able to connect.
Thank you so much, I will contact my server people and follow up with them.