SSL on Original Cobra in NETMF 4.3

Hi, Some advice please.

Does the original FEZ Cobra 1.3 support SSL Client?

I am ultimately attempting to post data to a google form, but have prepared a small test application that does a https request to google it is based on the NETMF 4.2 HTTPClient sample. I get a error at run time when i try to call HttpWebRequest.GetResponse

Exception System.Net.Sockets.SocketException CLR_E_FAIL (1)

What exactly does this error code mean and is it possible to access an inner error?

Hardware [url]https://www.ghielectronics.com/catalog/product/131[/url] (this page indicates SSL is supported)
Framework NETMF4.3
Studio 2010 Express

I have set the System time to the correct time using NTP. I have used MFDeploy to Update SSL seed. I have used IE to export the Root Certificate for the Google page I am trying to connect to, added this file to resources in my project and set the HttpWebRequest.HttpsAuthentCerts property to this cert.

A plain Http GET works fine.

Any help is greatly appreciated.
Ben.

Thanks andre.m,

Yes as i wrote in my post. [quote] I have used IE to export the Root Certificate for the Google page I am trying to connect to, added this file to resources in my project and set the HttpWebRequest.HttpsAuthentCerts property to this cert. [/quote]

As per the instructions on the page you linked.

I have also tried to verify this step by dliberety referencing an invalid certificate i do receive a different runtime error at the statment where the HttpAuthentCerts is set as I expected.

@ starry - What happens if you try the same code in the emulator?

Thanks John,

My test project works fine in the microsoft emulator, I am able to get a response from the https GET.

( I have found I do need to remove the references to GHI.Networking.EthernetBuiltIn to get the project to run in the emulator though.)

@ starry - Did you try the code exactly as posted in the networking document? Does a non-SSL request work fine using the exact same connection setup that is failing for SSL? What 4.3 SDK are you using?

Thanks John,

My code is identical to the extracts posted in the networking document. https://www.ghielectronics.com/docs/30/networking#3370
The non-ssl function Titled “HTTP Communication” works fine while the function DownloadOverSsl() Fails with the same error described in my first post. NETMF 4.3.2 SDK QFE2 RTM


using GHI.Networking;
using Microsoft.SPOT;
using Microsoft.SPOT.Hardware;
using Microsoft.SPOT.Net.NetworkInformation;
using System;
using System.Net;
using System.Threading;
using System.Security.Cryptography.X509Certificates;
using System.Text;

namespace GHINetworking
{
    public class Program
    {
        private static EthernetBuiltIn netif;

        public static void Main()
        {
            NetworkChange.NetworkAvailabilityChanged += NetworkChange_NetworkAvailabilityChanged;
            NetworkChange.NetworkAddressChanged += NetworkChange_NetworkAddressChanged;

            netif = new EthernetBuiltIn();
            netif.Open();
            netif.EnableDhcp();
            netif.EnableDynamicDns();

            while (netif.IPAddress == "0.0.0.0")
            {
                Debug.Print("Waiting for DHCP");
                Thread.Sleep(250);
            }

            //The network is now ready to use.
            QueryURL();
            
            
            SSLObj sso = new SSLObj();

            byte[] GHI = Resources.GetBytes(Resources.BinaryResources.GHI);
            sso.DownloadOverSsl("https://www.ghielectronics.com/docs/30/networking#3370",GHI);
        }

        private static void NetworkChange_NetworkAddressChanged(object sender, Microsoft.SPOT.EventArgs e)
        {
            Debug.Print("Network address changed");
        }

        private static void NetworkChange_NetworkAvailabilityChanged(object sender, NetworkAvailabilityEventArgs e)
        {
            Debug.Print("Network availability: " + e.IsAvailable.ToString());
        }
        private static void QueryURL()
        {
            byte[] result = new byte[65536];
            string results;
            int read = 0;

            using (var req = HttpWebRequest.Create("http://xkcd.com/") as HttpWebRequest)
            {
                using (var res = req.GetResponse() as HttpWebResponse)
                {
                    using (var stream = res.GetResponseStream())
                    {
                        do
                        {
                            read = stream.Read(result, 0, result.Length);

                            Thread.Sleep(20);
                        } while (read != 0);

                    
                        results = new string( Encoding.UTF8.GetChars(result, 0, result.Length) );
                        Debug.Print(results);
                    }
                }
            }

            //The result array now contains the data received from the remote server.
        }
    
    }
    public class SSLObj
    { 
        //Constructor
        public SSLObj()
        {
        
        }

        public void DownloadOverSsl(string url, byte[] certificate)
        {
            using (var request = HttpWebRequest.Create(url) as HttpWebRequest)
            {
                request.HttpsAuthentCerts = new X509Certificate[] { new X509Certificate(certificate) };
                request.KeepAlive = false;

                using (var response = request.GetResponse())
                {
                    using (var stream = response.GetResponseStream())
                    {
                        var result = string.Empty;
                        var buffer = new byte[4096];
                        var read = 0;

                        stream.ReadTimeout = 5000;

                        for (var left = response.ContentLength; left > 0; )
                        {
                            Thread.Sleep(1000);

                            try
                            {
                                read = stream.Read(buffer, 0, buffer.Length);
                            }
                            catch
                            {
                                continue;
                            }

                            left -= read;

                            result += new string(Encoding.UTF8.GetChars(buffer, 0, read));
                        }

                        Debug.Print(result);
                    }
                }
            }
        }
    }
}


@ starry - Thanks for the code. What version of our SDK and firmware are you using? Not the NETMF version.

Sorry @ John I hope this post provides enough information, Thanks again for sticking with me on this.

From FEZ Config:

Loader (TinyBooter) version information:
4.3.7.10 on this computer.
4.3.7.10 on this device.

The Loader (TinyBooter) is up to date. <<<
Firmware (TinyCLR) version information:
4.3.7.10 on this computer.
4.3.7.10 on this device.
The Firmware (TinyCLR) is up to date. <<<

From About box in FEZ Config

NETMF v4.3:
Libraries: 4.3.7.10
EMX: 4.3.7.10 Firmware, 4.3.7.10 Loader
G30: 4.3.7.10 Firmware
G80: 4.3.7.10 Firmware
G120: 4.3.7.10 Firmware, 4.3.7.7 Loader
G400: 4.3.7.10 Firmware, 4.3.7.7 Loader
Cerb-Family: 4.3.7.10 Firmware, 4.3.7.7 Loader
FEZ Hydra: 4.3.7.10 Firmware, 4.3.7.7 Loader

From ““C:\Program Files (x86)\GHI Electronics\NETMF v4.3 SDK\Release Notes.txt””


NETMF v4.3 SDK


2015 R1
Built 2015-08-25
Requires NETMF SDK 4.3 QFE2

@ starry - Thanks, we will take a look and see if we can find anything.

@ John - were you able to replicate the exception I have seen or is SSL working for you?

@ starry - We don’t have anything yet.

Has anybody out there had success with this?

@ starry - Can you post the complete exception stack trace? What site are you trying to connect to and what is the full name of the certificate you are using?