WiFiClientSecure says "Chain could not be linked to a trust anchor"

Other Hardware Home Automation
1

Hi,
here are I am with some error. I have to connect an ESP8266 to "https://www.solaxcloud.com".
When the ESP8266 is started, the very first client.connect() fails, then I have to setInsecure() which will make connnect() succeeds.
Then all next successive client.connect() will directly succeed. I suppose that the "setInsecure()" have been reset to secure, right ?
All certificates were installed and given to the client as shown here.

const char solaxcloudCert[]  = \
"-----BEGIN CERTIFICATE-----\n" \
"MIIGCjCCBPKgAwIBAgIQC/XSMz1naO+IUoWBsV0YTzANBgkqhkiG9w0BAQsFADBu\n" \
...
...
"gXJL2BySFok8CsxI36M=\n" \
"-----END CERTIFICATE-----";

const char digitcertCert[] = \
... 

const char www_digitcertCert[] = \
...

const char root_digitcertCert = \
...


WiFiClientSecure client;
X509List cert(solaxcloudCert); 

void setup() {
    ...
    cert.append(digitcertCert);
    cert.append(www_digitcertCert);
    cert.append(root_digitcertCert);
    client.setTrustAnchors(&cert);

    sendHttpRequest();

}

void sendHttpRequest() {
	...
	if (!client.connect("www.solaxcloud.com", 443))  {
		  Serial.println("secure SSL failed");
		  char buf[256];
		  client.getLastSSLError(buf,256);
		  Serial.print("WiFiClientSecure SSL error: ");
		  Serial.println(buf);
		  Serial.println("Lets try unsecure SSL");
		  client.setInsecure();
		  if (!client.connect("www.solaxcloud.com"", 443)) {
                       Serial.println("HTTPS unsecure connection to www.solaxcloud.com has failed");
                       client.stop();
                       return;
  		  }
      }
      
      client.println("GET /proxyApp/proxy/api/getRealtimeInfo.do?tokenId=blablabla HTTP/1.1");
      client.println("Host: " + SOLAXCLOUD_API_HOST);
      client.println("Connection: close");
      client.println();
      Serial.println("Request sent");

      client.stop();
}

16:44:33.673 -> Connecting to web server www.solaxcloud.com
16:44:33.705 -> try secure SSL first
16:44:37.664 -> secure SSL failed
16:44:37.664 -> HTTP connection status: 4
16:44:37.696 -> MFLN connection status: 0
16:44:37.696 -> WiFiClientSecure SSL error: Chain could not be linked to a trust anchor.
16:44:37.729 -> Lets try unsecure SSL
16:44:38.653 -> successfully connected to server www.solaxcloud.com
16:44:38.686 -> GET /proxyApp/proxy/api/getRealtimeInfo.do?tokenId=blablabla HTTP/1.1
16:44:38.719 -> Request sent

16:47:38.679 -> Connecting to web server www.solaxcloud.com
16:47:38.711 -> try secure SSL first
16:47:39.725 -> successfully connected to server www.solaxcloud.com
16:47:39.725 -> GET /proxyApp/proxy/api/getRealtimeInfo.do?tokenId=blablabla HTTP/1.1
16:47:39.789 -> Request sent

Any idea ?
Thanks,
Bernard

2

Are you sure you have the certificates for 'digicert.com' and not 'digitcert.com'?

3

oups... damned you are right, thank you for that :grinning:, I have corrected that and it runs.

4

This topic was automatically closed 180 days after the last reply. New replies are no longer allowed.