Tomorrow.io weather service - https only?

I am using an ESP8266. I am changing my weather service and tried interfacing with weather.io.
The header response is a 301 error, redirecting me to a https location.

Does the API require https? The docs are unclear here. I found many examples on the web where it's not using https but I suspect those examples are years old. This is a small snip of the code (replaced actual API key with 12345)


weatherserver="api.tomorrow.io";
url = "/v4/weather/realtime?";
apikey="12345&units=imperial";
client.connect(weatherserver, 80);

This is the command:
client.print("GET " + url + " HTTP/1.1\r\n" + "Host: " + weatherserver + "\r\n" + "Connection: close\r\n\r\n");

This is the response I getting from the server:
HTTP/1.1 301 Moved Permanently
Date: Thu, 25 Apr 2024 15:28:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Location: https://api.tomorrow.io:443/v4/weather/realtime?apikey=12345&location=29483&units=imperial
CF-Ray: 879f5d940ae11d78-ATL
CF-Cache-Status: DYNAMIC
Cache-Control: private
cf-apo-via: origin,host
Set-Cookie: -1.0.1.1-zExyHXKkPs7ZFYnQ; path=/; expires=Thu, 25-Apr-24 15:58:54 GMT; domain=.tomorrow.io; HttpOnly
Server: cloudflare

Yes. That is the standard behavior when requiring HTTPS. Same when attempting to access the site root:

$ curl -i api.tomorrow.io
HTTP/1.1 301 Moved Permanently
Date: Mon, 29 Apr 2024 19:52:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://api.tomorrow.io:443/

Do you know how to use HTTPS?

I have no idea how to.

For ESP8266, if you already have

#include <WiFiClient.h>
// these two lines are not necessarily adjacent like this
WiFiClient client;  // or whatever variable name you chose

you can try adding Secure to those

#include <WiFiClientSecure.h>
WiFiClientSecure client;

Then after connecting with WiFi.begin, but before connecting to the site, temporarily disable site verification, just to see if everything else works to your satisfaction

client.setInsecure();

This allows you to skip assigning the certificate for the site(s) you visit, which involves some manual work to retrieve the cert, for configuration that varies depending on the exact board and library. No point doing that if this API does not meet your requirements.

This is the Wifi lib the project is using:

Is that the same?

No, WiFiManager is an entirely optional component; but it does (on ESP8266) include ESP8266WiFi.h, a platform-specific variant of WiFi.h; which in turn includes both WiFiClient.h and WiFiClientSecure.h, which is why you never had to include either. So you should be able to change

WiFiClient client;

to

WiFiClientSecure client;

and then add

client.setInsecure();

This topic was automatically closed 180 days after the last reply. New replies are no longer allowed.