Hi, I continue testing my Fez Cobra II for evaluate if it is suitable for my new board designs, now another problem…
I want simply test if the board can receive a web page over a secure HTTP connection (HTTPS). The firmware is the lastest version available today (4.3.7.10) and I’ve already updated the SSL seed using MFDeploy. I can receive HTTP responses but not HTTPS one.
I’ve never used HTTPS in C# before, so I’think I miss some thing.
You can try this strange behaviour using this simple test program that I’ve written. If you use the first queryString (HTTP) it works but if you enable the second one (Google HTTPS) the code hangs on request.GetResponse() (In the emulator works)
Thanks in advance
using System;
using System.IO;
using System.Net;
using System.Threading;
using GHI.Networking;
using GHI.Pins;
using Microsoft.SPOT;
using Microsoft.SPOT.Hardware;
using Microsoft.SPOT.Net.NetworkInformation;
namespace MF_G120_HTTPS
{
public class Program
{
#region Network test
private static EthernetENC28J60 _enc;
private static bool _hasAddress;
private static bool _available;
public static void InitNetwork()
{
NetworkChange.NetworkAvailabilityChanged += NetworkChange_NetworkAvailabilityChanged;
NetworkChange.NetworkAddressChanged += NetworkChange_NetworkAddressChanged;
_enc = new EthernetENC28J60(SPI.SPI_module.SPI2, G120.P1_17, G120.P2_21, G120.P1_14);
_enc.Open();
_enc.EnableStaticIP("192.168.2.243", "255.255.255.0", "192.168.2.6");
_enc.EnableStaticDns(new[] { "192.168.1.1", "8.8.8.8" });
while (!_hasAddress || !_available)
{
Debug.Print("Initializing");
Thread.Sleep(100);
}
}
private static void NetworkChange_NetworkAvailabilityChanged(object sender, NetworkAvailabilityEventArgs e)
{
Debug.Print("Network available: " + e.IsAvailable.ToString());
_available = e.IsAvailable;
}
private static void NetworkChange_NetworkAddressChanged(object sender, EventArgs e)
{
Debug.Print("The network address has changed.");
_hasAddress = _enc.IPAddress != "0.0.0.0";
}
#endregion
public static void Main()
{
InitNetwork();
//const string queryString = "http://ipinfo.io/json";
const string queryString = "https://www.google.com";
HttpWebRequest request = WebRequest.Create(queryString) as HttpWebRequest;
try
{
using (WebResponse response = request.GetResponse())
{
// Get the stream associated with the response.
Stream receiveStream = response.GetResponseStream();
// Pipes the stream to a higher level stream reader with the required encoding format.
StreamReader readStream = new StreamReader(receiveStream);
string responseString = readStream.ReadToEnd();
Debug.Print(responseString);
response.Close();
readStream.Close();
}
}
catch (Exception e)
{
Debug.Print("ERROR: Exception for geobytes.com" + e.ToString());
}
if (request != null)
request.Dispose();
Thread.Sleep(Timeout.Infinite);
}
}
}
@ Cybernox - I believe you need to set the SSL certificates. https://www.ghielectronics.com/docs/30/networking#3370 can help with that.
@ John - Thanks for your suggestion but I don’t think that is the correct solution. I’ve tried to use the google certificate as resource and as a const string but not works.
Here a simple test program that hangs again on GetResponse():
using System;
using System.Net;
using System.Security.Cryptography.X509Certificates;
using System.Text;
using System.Threading;
using GHI.Networking;
using GHI.Pins;
using Microsoft.SPOT;
using Microsoft.SPOT.Hardware;
using Microsoft.SPOT.Net.NetworkInformation;
namespace MF_G120_HTTPS
{
public class Program
{
#region Network test
private static EthernetENC28J60 _enc;
private static bool _hasAddress;
private static bool _available;
public static void InitNetwork()
{
NetworkChange.NetworkAvailabilityChanged += NetworkChange_NetworkAvailabilityChanged;
NetworkChange.NetworkAddressChanged += NetworkChange_NetworkAddressChanged;
_enc = new EthernetENC28J60(SPI.SPI_module.SPI2, G120.P1_17, G120.P2_21, G120.P1_14);
_enc.Open();
_enc.EnableStaticIP("192.168.2.243", "255.255.255.0", "192.168.2.6");
_enc.EnableStaticDns(new[] { "192.168.1.1", "8.8.8.8" });
while (!_hasAddress || !_available)
{
Debug.Print("Initializing");
Thread.Sleep(100);
}
}
private static void NetworkChange_NetworkAvailabilityChanged(object sender, NetworkAvailabilityEventArgs e)
{
Debug.Print("Network available: " + e.IsAvailable.ToString());
_available = e.IsAvailable;
}
private static void NetworkChange_NetworkAddressChanged(object sender, EventArgs e)
{
Debug.Print("The network address has changed.");
_hasAddress = _enc.IPAddress != "0.0.0.0";
}
#endregion
private const string cert = @ "-----BEGIN CERTIFICATE-----
MIIGzzCCBbegAwIBAgIIHwGik6kxoR4wDQYJKoZIhvcNAQELBQAwSTELMAkGA1UE
BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl
cm5ldCBBdXRob3JpdHkgRzIwHhcNMTUwOTA5MjI0NDQyWhcNMTUxMjA4MDAwMDAw
WjBmMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN
TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEVMBMGA1UEAwwMKi5n
b29nbGUuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEBgMJ1oi/xjQ8q942
9sc5J0FCxh8G85DdK9nGSVci/GJNb9BwJnACtxn59iHzFN+LaVSbqAe2Bu/mF/zb
OgpU9aOCBGcwggRjMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjCCAyYG
A1UdEQSCAx0wggMZggwqLmdvb2dsZS5jb22CDSouYW5kcm9pZC5jb22CFiouYXBw
ZW5naW5lLmdvb2dsZS5jb22CEiouY2xvdWQuZ29vZ2xlLmNvbYIWKi5nb29nbGUt
YW5hbHl0aWNzLmNvbYILKi5nb29nbGUuY2GCCyouZ29vZ2xlLmNsgg4qLmdvb2ds
ZS5jby5pboIOKi5nb29nbGUuY28uanCCDiouZ29vZ2xlLmNvLnVrgg8qLmdvb2ds
ZS5jb20uYXKCDyouZ29vZ2xlLmNvbS5hdYIPKi5nb29nbGUuY29tLmJygg8qLmdv
b2dsZS5jb20uY2+CDyouZ29vZ2xlLmNvbS5teIIPKi5nb29nbGUuY29tLnRygg8q
Lmdvb2dsZS5jb20udm6CCyouZ29vZ2xlLmRlggsqLmdvb2dsZS5lc4ILKi5nb29n
bGUuZnKCCyouZ29vZ2xlLmh1ggsqLmdvb2dsZS5pdIILKi5nb29nbGUubmyCCyou
Z29vZ2xlLnBsggsqLmdvb2dsZS5wdIISKi5nb29nbGVhZGFwaXMuY29tgg8qLmdv
b2dsZWFwaXMuY26CFCouZ29vZ2xlY29tbWVyY2UuY29tghEqLmdvb2dsZXZpZGVv
LmNvbYIMKi5nc3RhdGljLmNugg0qLmdzdGF0aWMuY29tggoqLmd2dDEuY29tggoq
Lmd2dDIuY29tghQqLm1ldHJpYy5nc3RhdGljLmNvbYIMKi51cmNoaW4uY29tghAq
LnVybC5nb29nbGUuY29tghYqLnlvdXR1YmUtbm9jb29raWUuY29tgg0qLnlvdXR1
YmUuY29tghYqLnlvdXR1YmVlZHVjYXRpb24uY29tggsqLnl0aW1nLmNvbYILYW5k
cm9pZC5jb22CBGcuY2+CBmdvby5nbIIUZ29vZ2xlLWFuYWx5dGljcy5jb22CCmdv
b2dsZS5jb22CEmdvb2dsZWNvbW1lcmNlLmNvbYIKdXJjaGluLmNvbYIIeW91dHUu
YmWCC3lvdXR1YmUuY29tghR5b3V0dWJlZWR1Y2F0aW9uLmNvbTALBgNVHQ8EBAMC
B4AwaAYIKwYBBQUHAQEEXDBaMCsGCCsGAQUFBzAChh9odHRwOi8vcGtpLmdvb2ds
ZS5jb20vR0lBRzIuY3J0MCsGCCsGAQUFBzABhh9odHRwOi8vY2xpZW50czEuZ29v
Z2xlLmNvbS9vY3NwMB0GA1UdDgQWBBSzJWsKofyvdfqrbaPsUM2JWe1SSTAMBgNV
HRMBAf8EAjAAMB8GA1UdIwQYMBaAFErdBhYbvPZotXb1gba7Yhq6WoEvMCEGA1Ud
IAQaMBgwDAYKKwYBBAHWeQIFATAIBgZngQwBAgIwMAYDVR0fBCkwJzAloCOgIYYf
aHR0cDovL3BraS5nb29nbGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQsFAAOC
AQEAY2VWBouS7xPbf77vVqv8n9itCT1U1KKnb7CCo5IjUpflqsAx287bpvj1FOby
MElgvtIAAUt7gk5BtTmEqLJUGVujPh+mc2MMnASnsOr7nGMS+sWZvCTq73ZGZQi8
UMaAtwRz6+bxpoVBBJ9XIyHkSaF6/lcRBhtziuRwA8axmoNAbRhPo1vF7kD30mmb
ssJdWn5KQEeSuDU6Q+7uGQ2AVeb7uXGuiZ7krwiGawhmNWzwEpevIoEV8Wxs7o1q
0K1zsIN52WVGPFFIDIoZ0MfTNPlH2thxkdhrT/WM2hZfgpqL4LdKxEibPnMJ4BHp
hUoJXD02nlLZDWLtPeA2ACZqjQ==
-----END CERTIFICATE-----";
static void DownloadOverSsl(string url, byte[] certificate)
{
using (var request = HttpWebRequest.Create(url) as HttpWebRequest)
{
request.HttpsAuthentCerts = new X509Certificate[] { new X509Certificate(certificate) };
request.KeepAlive = false;
using (var response = request.GetResponse())
{
using (var stream = response.GetResponseStream())
{
var result = string.Empty;
var buffer = new byte[4096];
var read = 0;
stream.ReadTimeout = 5000;
for (var left = response.ContentLength; left > 0; )
{
Thread.Sleep(1000);
try
{
read = stream.Read(buffer, 0, buffer.Length);
}
catch
{
continue;
}
left -= read;
result += new string(Encoding.UTF8.GetChars(buffer, 0, read));
}
Debug.Print(result);
}
}
}
}
public static void Main()
{
InitNetwork();
const string queryString = "https://www.google.com";
try
{
DownloadOverSsl(queryString, Encoding.UTF8.GetBytes(cert));
}
catch (Exception e)
{
Debug.Print(e.ToString());
}
Thread.Sleep(Timeout.Infinite);
}
}
}
@ Cybernox - Did you use the GeoTrustGlobalCA certificate?
@ John - I’ve just tried with the GeoTrust certificate and the app hang on GetResponse.
Does any one have a simple test program or a piece of working code for HTTPS on Fez Cobra 2? Just for test. For now my choice is to avoid HTTPS in my apps.
Thanks.