HTTPS connections for Let's Encrypt Certs?

yoyoboy · March 8, 2021, 6:29pm

Hey Folks,

I have an OpenMV H7 Plus with a standard Wifi Shield.

Has anyone figured out how to send REST requests to a site that uses a “Let’s Encrypt” free certificates? I have an OpenMV H7 Plus with a standard Wifi Shield. When I run the stock “Wifi-Shield/http_client_ssl.py” it connects to host “www.google.com” just fine, but when I change the host to my server (with a Let’s Encrypt certificate) it breaks with an “OSError: [Errno 5] EIO”. I know my site works and has a valid certificate, it gets a “green” certificate badge in chrome…

Am I missing some obvious thing?

Thanks,
Eric

yoyoboy · March 8, 2021, 6:29pm

After looking at the output, I guess I should mention that the actual error code is: mbedtls_ssl_handshake error: -7780 When I look up that code I find:

from “ssl.h File Reference - API Documentation - mbed TLS (Previously PolarSSL)”

#define MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE -0x7780
A fatal alert message was received from our peer.

kwagyeman · March 8, 2021, 6:29pm

No clue, but, MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE - Google Search

Might have an answer.

yoyoboy · March 8, 2021, 6:29pm

Argh!

Ok, I just double checked my cert and it does have an issue, turns out you need to use letsencrypt’s fullchain.pem instead of the cert.pem file (on the server).

I am a bonehead, please disregard this thread.