kopia lustrzana https://github.com/espressif/esp-idf
70 wiersze
4.4 KiB
Markdown
70 wiersze
4.4 KiB
Markdown
|
# HTTP server with TLS support using mbedTLS
|
||
|
|
||
|
(See the README.md file in the upper level 'examples' directory for more information about examples.)
|
||
|
|
||
|
Simple HTTPS example that uses mbedTLS to establish a secure socket connection using the certificate bundle with two custom certificates added for verification:
|
||
|
|
||
|
## How to use example
|
||
|
|
||
|
### Hardware Required
|
||
|
|
||
|
* A development board with ESP32/ESP32-S2/ESP32-C3 SoC (e.g., ESP32-DevKitC, ESP-WROVER-KIT, etc.)
|
||
|
* A USB cable for power supply and programming
|
||
|
|
||
|
### Configure the project
|
||
|
|
||
|
```
|
||
|
idf.py menuconfig
|
||
|
```
|
||
|
* Open the project configuration menu (`idf.py menuconfig`) to configure Wi-Fi or Ethernet. See "Establishing Wi-Fi or Ethernet Connection" section in [examples/protocols/README.md](../../README.md) for more details.
|
||
|
|
||
|
### Build and Flash
|
||
|
|
||
|
Build the project and flash it to the board, then run monitor tool to view serial output:
|
||
|
|
||
|
```
|
||
|
idf.py -p PORT flash monitor
|
||
|
```
|
||
|
|
||
|
(Replace PORT with the name of the serial port to use.)
|
||
|
|
||
|
(To exit the serial monitor, type ``Ctrl-]``.)
|
||
|
|
||
|
See the Getting Started Guide for full steps to configure and use ESP-IDF to build projects.
|
||
|
|
||
|
## Example Output
|
||
|
|
||
|
```
|
||
|
I (9599) example_connect: - IPv4 address: 192.168.194.219
|
||
|
I (9599) example_connect: - IPv6 address: fe80:0000:0000:0000:266f:28ff:fe80:2c74, type: ESP_IP6_ADDR_IS_LINK_LOCAL
|
||
|
I (9609) example: Seeding the random number generator
|
||
|
I (9619) example: Attaching the certificate bundle...
|
||
|
I (9619) example: Setting hostname for TLS session...
|
||
|
I (9629) example: Setting up the SSL/TLS structure...
|
||
|
I (9639) example: Connecting to www.howsmyssl.com:443...
|
||
|
I (10109) example: Connected.
|
||
|
I (10109) example: Performing the SSL/TLS handshake...
|
||
|
I (10789) esp-x509-crt-bundle: Certificate validated
|
||
|
I (15019) example: Verifying peer X.509 certificate...
|
||
|
I (15019) example: Certificate verified.
|
||
|
I (15019) example: Cipher suite is TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
|
||
|
I (15029) example: Writing HTTP request...
|
||
|
I (15039) example: 106 bytes written
|
||
|
I (15039) example: Reading HTTP response...
|
||
|
HTTP/1.0 200 OK
|
||
|
Content-Length: 2091
|
||
|
Access-Control-Allow-Origin: *
|
||
|
Content-Type: application/json
|
||
|
Date: Wed, 08 Sep 2021 09:28:59 GMT
|
||
|
Strict-Transport-Security: max-age=631138519; includeSubdomains; preload
|
||
|
|
||
|
{"given_cipher_suites":["TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","TLS_DHE_RSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_ECDSA_WITH_AES_256_CCM","TLS_DHE_RSA_WITH_AES_256_CCM","TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384","TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384","TLS_DHE_RSA_WITH_AES_256_CBC_SHA256","TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA","TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","TLS_DHE_RSA_WITH_AES_256_CBC_SHA","TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8","TLS_DHE_RSA_WITH_AES_256_CCM_8","TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","TLS_DHE_RSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_ECDSA_WITH_AES_128_CCM","TLS_DHE_RSA_WITH_AES_128_CCM","TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256","TLS_DHE_RSA_WITH_AES_128_CBC_SHA256","TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA","TLS_DHE_RSA_WITH_AES_128_CBC_SHA","TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8","TLS_DHE_RSA_WITH_AES_128_CCM_8","TLS_RSA_WITH_AES_256_GCM_SHA384","TLS_RSA_WITH_AES_256_CCM","TLS_RSA_WITH_AES_256_CBC_SHA256","TLS_RSA_WITH_AES_256_CBC_SHA","TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384","TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384","TLS_ECDH_RSA_WITH_AES_256_CBC_SHA","TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384","TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384","TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA","TLS_RSA_WITH_AES_256_CCM_8","TLS_RSA_WITH_AES_128_GCM_SHA256","TLS_RSA_WITH_AES_128_CCM","TLS_RSA_WITH_AES_128_CBC_SHA256","TLS_RSA_WITH_AES_128_CBC_SHA","TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256","TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256","TLS_ECDH_RSA_WITH_AES_128_CBC_SHA","TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256","TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256","TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA","TLS_RSA_WITH_AES_128_CCM_8","TLS_EMPTY_RENEGOTIATION_INFO_SCSV"],"ephemeral_keys_supported":true,"session_ticket_supported":true,"tls_compression_supported":false,"unknown_cipher_suite_supported":false,"beast_vuln":false,"able_to_detect_n_minus_one_splitting":false,"insecure_cipher_suites":{},"tls_version":"TLS 1.2","rating":"Probably Okay"}
|
||
|
I (15829) example: Completed 1 requests
|
||
|
Minimum free heap size: 189136 bytes
|
||
|
I (15839) example: 10...
|
||
|
I (16839) example: 9...
|
||
|
I (17839) example: 8...
|
||
|
I (18839) example: 7...
|
||
|
I (19839) example: 6...
|
||
|
```
|