Go Down

Topic: ESP8266 HTTPClient Library for HTTPS (Read 5272 times) previous topic - next topic


Hi there,

I am using a NodeMCU and I'm trying to get the following code to work using the HTTPClient library:

Code: [Select]
#include <ESP8266WiFi.h>
#include <ESP8266HTTPClient.h>

const char* ssid = "........";
const char* password = "........";
String deviceID = "testing123abcxyz";

void setup() {
  Serial.print("Connecting to ");
  WiFi.begin(ssid, password);
  while (WiFi.status() != WL_CONNECTED) {
  Serial.println("WiFi connected");
  Serial.println("IP address: ");
  // Post data to dweet.io
  HTTPClient http;
  String URL = "http://dweet.io/dweet/for/" + deviceID + "?foo=bar&test=123"; // Works with HTTP
  http.begin(URL); // Works with HTTP
  int httpCode = http.GET();
  if (httpCode > 0) {
    String payload = http.getString();
    Serial.println(payload); // Print response

void loop() {
  // Nothing here

If I change line 25 to "https://" instead of "http://" then it doesn't work. I know that this library can work with HTTPS with a fingerprint, but what if I don't have one? I also tried "http.begin(URL, "");" to pass an empty fingerprint parameter in the function but that obviously didn't work either.



Aug 18, 2018, 07:28 am Last Edit: Aug 18, 2018, 07:30 am by isoboy
I'm posting here, because I face the same problem recently.
<This comment saved me.>

In summary:
If you're going to use HTTPS, you will need to specify the SHA1 fingerprint. The fingerprint can be generated from the site's certificate.

If you have curl and openssl with you, you can do the following:

1) Get the certificate from your site (443=HTTPS port)
Code: [Select]
openssl s_client -connect dweet.io:443

2) copy the certificate (from "-----BEGIN CERTIFICATE-----" to "-----END CERTIFICATE-----") and paste into a file (cert.perm).

3) Then use the cert.perm to generate SHA1 fingerprint
Code: [Select]
openssl x509 -noout -in ./cert.perm -fingerprint -sha1

4) Copy the SHA1 key, and put into your code. :)


It's way to late but this post is one one of the ones that gets returned by google so it's a good way to help others like me who are just starting out with this.

Here's a working example using the default HTTPClient. It does require setting the certificate's sha1 fingerprint in the begin statement.

Code: [Select]

void loop() {
  // wait for WiFi connection
  if ((WiFiMulti.run() == WL_CONNECTED)) {

    HTTPClient http;

    Serial.print("[HTTPS] begin...\n");

    http.begin("https://some.secure_server.com/auth/authorise", "2F 2A BB 23 6B 03 89 76 E6 4C B8 36 E4 A6 BF 84 3D DA D3 9F");

    http.addHeader("Content-Type", "application/x-www-form-urlencoded");
    int httpCode = http.POST("user_id=mylogin&user_password=this%20is%20my%20%24ecret%20pa%24%24word");
    if (httpCode > 0) {

      // HTTP header has been send and Server response header has been handled
      Serial.printf("[HTTP] ... code: %d\n", httpCode);

      // file found at server
      if (httpCode == HTTP_CODE_OK) {
        String payload = http.getString();
    } else {
      Serial.printf("[HTTP] ... failed, error: %s\n", http.errorToString(httpCode).c_str());



I did the same of your code but didn't connect:

here is my code:

Code: [Select]
if (WiFi.status() == WL_CONNECTED) {
HTTPClient http;
 Serial.print("[HTTPS] begin...\n");
http.begin("https://mysite.com/climate/status.php?id=1","55 25 65 47 85 7C 63 CD HH 08 62 57 B5 13 65 FF FF C0 FF 9E FG");
http.addHeader("Content-Type", "application/x-www-form-urlencoded");
int httpCode = http.GET();
if (httpCode > 0) {
  const size_t bufferSize = JSON_OBJECT_SIZE(2) + JSON_OBJECT_SIZE(3) + JSON_OBJECT_SIZE(5);
  DynamicJsonBuffer jsonBuffer(bufferSize);
  JsonObject& root = jsonBuffer.parseObject(http.getString());
int id = root["id"];
const char* state = root["status"];
String led = root["status"];
digitalWrite(2, LOW);
delay (200);
digitalWrite(2, HIGH);
if (led=="ON") {
  digitalWrite(LED_BUILTIN, 0);
else {
  digitalWrite(LED_BUILTIN, 1);

Any Idea please to solve it?

Go Up