HTTPS client is here for the Photon! - by the glowfi.sh Team

I’m still working on it so will post here if I have any success.

One thing I am not seeing as many of the Serial.println outputs as I would have expected from the HTTPS library.

I even went so far as to hardcoding true for the if statements

My Code - http://pastebin.com/i5Y1KPQW
HTTPS Library - http://pastebin.com/1FQPfJ7Z

All I see is this on the output is this

Serial Output - http://pastebin.com/3zZ4tHGk

but with all the Serial.println statements in the library thought I should be seeing a lot more.

I don’t know. I’ve not spent much time looking at glowfish.

It looks to me like it might be ALL_RSA_CAS.h that store the CA root certificates but I’ve not had time to prove or disprove that. At the moment I am not convinced that the software is validating against the CA certificates. If you want to use glowfish then I think you first need to get one of the examples working and then experiment with the settings and the CA files to see which settings cause it to fail the verification checks.

1 Like

Just wanted to chime in on this - I solved my AWS issues by using Adafruit’s WICED Feather hardware for my prototyping. This is based on the same P0 chip, but has a completely different firmware. I now have a client that connects to AWS IoT cloud and posts data perfectly. I’m seeing response times of 30-35ms, so this certainly isn’t shabby.

I really wish that the Particle team could get this working though as I really want to use their ecosystem with OTA & firmware updates. Maybe they could look at the Adafruit code and find some inspiration there? https://github.com/adafruit/Adafruit_WICED_Arduino/

2 Likes

Agreed. I’ve been prototyping on their hardware for some commercial applications but without https it is no deal with my clients. As another poster pointed out in another thread there are some good other devices out there that are capable that sadly are the better option.

Looking on the Adafruit website it lists a Feather device (product id 3056) that appears to do HTTPS but it’s a lot more expensive ($35 vs £19) than the Photon - is that the one you are using?

@timx Yes. The extra $15 isn’t very relevant for me as I’ll have to design my own PCB anyway. If I can buy preloaded P0 modules from Particle that’s great. I can also flash my own modules with the Adafruit firmware, but if possible I’d like to avoid it.

Adafruit is missing the OTA updates and many other things, so there’s drawbacks with both solutions. The biggest drawback with Adafruit is that this is their only product based on the P0 module. If they decide that they’re not making enough money from it, they can just ditch the product and leave me in the dirt. Particle has a solid ecosystem built up around this device, but I have to be able to connect to AWS, so if Particle does not solve that I’ll have to use the Adafruit firmware.

I dunno for sure, but I think Particle is basically selling the Photon at a loss as their marketing push toward Makers? Their main business model is to create a great API and then sell server services that makes it fast to roll out new internet-connected hardware. The more Makers they get on board, the higher their sales volume will be. I’ve seen some of the Hangouts they’ve posted on Youtube and I really like their thinking. I think it’s a good model both for me and for them.

2 Likes

I agree, I need/want to be able to dial in an AWS API gateway endpoint (HTTPS).

I see that as a) more efficient than going via a webhook that requires their server processing of the request and response b) a form of independence from where-ever particle heads

@mterrill I think Particle is working on an AWS integration now actually. Not sure if it will require a webhook or not.

Are you planning on writing up some documentation (aside from the two examples)?

webhook based. all they’re doing is making it easier for less advanced users to get up and going

1 Like

My maths on building my own components leads to the educated guess the particle board has a nice degree of margin at volume

@mterrill

I’m really interested in using HTTPS for AWS as well, are you planning on doing this using a photon or electron?
The reason I ask, I’m trying to weigh up the difference between using webhooks (potentially costly if calling more than every ~5 minutes with a large fleet of devices) compared to using HTTPS directly - which on an electron I imagine could use substantial data if you are re-establishing a secure connection every time you post to AWS.

Would be interested to hear your thoughts.

Agreed, for the same reasons.
It actually doesn’t make commercial sense for Particle to route all webhooks at volume through their service. a) another link in the chain prone to failure, and the device registration failures the other month affected me. b) why chain multiple services together when its just another layer of cost?

My photon devices are pinging every 15 seconds, I’m not quite so data constrained for re-establishing SSL, but its an interesting consideration.

1 Like

That would have been my guess as well. My assumption was that these webhooks would be Lambda functions (I think Particle is on AWS?) and hence not too costly in the scheme of things. However they seem to be having difficulty managing scaling. I’ve been following the Particle network status email list for about a year and I have to say I’m a bit concerned at how often we get ‘webhook delays’ or ‘webhooks not firing’ and then an explanation saying they have adjusted something or added capacity. (The last of these was mere hours ago).
Webhooks probably won’t be super critical in my application, but I would think for many, these interruptions won’t be acceptable - especially when paying rollout pricing and above.

1 Like

network status email list???!!! How do I subscribe?

I routinely get problems with my customers and all I have is, ‘is your Wifi working?’ if I don’t know its actually webhooks. I’ve got cloudwatch observing my AWS side of things, with appropriate alarming, but if they’re dropping webhooks on their end then thats invisible to me.

I do believe they’re with AWS, east coast, my guess is custom managed servers as HTTP gateway integration isn’t something they support (they would if they were using it). I’ve paired my http gateway services and lambda to be also on the east coast to reduce latency, while I run my customer facing services from West coast (closer to Australia etc).

The button at the top of the page here http://status.particle.io/

Good points regarding AWS location, my servers are currently in Sydney (Most of my customers are currently in NZ) but I might shift the backend to East Coast.

1 Like

hello bbs, wondering if there are any updates on this issue? I use the Particle photon but couldn’t get the https work using glowfi.sh’s library :frowning:

Here are my issues:

  1. the red blinking: no matter how adjust my code, eventually the device will turn to sos mode, indicated by red blinking led. Although some people said the working time can be prolonged by increasing delay time between each loop, the hardware will be crashed eventually.

  2. Before firmware crash, I cannot send request successfully as well (what I use currently as a trial is GET https://www.example.com, whose request can be found using curl -v https://www.example.com).
    The error information shown to me is matrixSslNewClientSession: -10. And I noticed that the available memory monitored by System.freememory() is decreased continuously, leading to final crash of whole device…

  3. I would like to have a try using the example code, however, it looks like there are no server named api.glowfi.sh using either webrowser, nslookup, or curl… Can some one let me know I can I register an account on glowfi.sh?

========================================================

Opening serial monitor for com port: "/dev/ttyACM0"
free memory: 31596
matrixSslNewClientSession:-10
New Client Session Failed: Exiting

massive fail
free memory: 30332
matrixSslNewClientSession:-10
New Client Session Failed: Exiting

massive fail
free memory: 28956
matrixSslNewClientSession:-10
New Client Session Failed: Exiting

massive fail
free memory: 28716
matrixSslNewClientSession:-10
New Client Session Failed: Exiting

massive fail
free memory: 27756
matrixSslNewClientSession:-10
New Client Session Failed: Exiting

........the available memory decreased continuously...... 

massive fail
free memory: 932
matrixSslNewClientSession:-10
New Client Session Failed: Exiting

massive fail
........and finally crashed :frowning:......

========================================================

Appreciate for any suggestions!

An alternative to try is this:

3 Likes

Thank you sooooo much! problem solved :smile:

@michaelT
Thanks to glowfi.sh I was able to build the code for my particle electron and tried to https post a data to my server however I only got errors.
I only changed host and ad_endpoint, se_endpoint and removed “Authorization: Basic XXXX…XXX\r\n” in the httpRequestContent[]

Following is the result. Is there anybody can help solving this issue?

Using 2048 bit RSA private key
Keys Loaded
New Session key!:
free memory: 0
matrixSslNewClientSession:1
free memory 3: 63160
Bytes sent Successfully?!: 92
matrixSslSentData: 0
Sent Successfully?!, everything good
matrixSslGetReadbuf: 6000
HttpClient>     Done before full len
0
HttpClient>     Done before full len
0
HttpClient>     Done before full len
0
HttpClient>     Done before full len
0
HttpClient>     Done before full len
2655
Received: 2655
certCb invoked: 45
WARNING: Certificate date window validation not implemented
SUCCESS: Validated!
matrixSslReceivedData: Tx: 2655 Len: 0 rc: 1