You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
When a meadow app attempts to request this API https://api.sunrisesunset.io/json?lat=47.333&lng=13.333 , it throws A fatal alert message was received from our peer, since Meadow doesn't support SNI for HttpClient.
To Reproduce
Simply make an HTTP request to this API:
using HttpClient client = new HttpClient();
// Send a GET request to the specified Uri
HttpResponseMessage response = await client.GetAsync(apiurl).ConfigureAwait(false);
// Ensure we received a successful response.
response.EnsureSuccessStatusCode();
// Read the response content as a string asynchronously
string content = await response.Content.ReadAsStringAsync().ConfigureAwait(false);
Resolver.Log.Info($"Received JSON String: {content}");
return await Task.FromResult(content).ConfigureAwait(false);
Expected behavior
The request should return a successful result return as well as not throw this exception.
Meadow (please complete the following information as best as you can):
Model: F7Micro
Hardware version: F7CoreComputeV2
Device name: MeadowCoreCompute
Hardware Information
Processor type: STM32F777IIK6
ID: 3A-00-21-00-0D-50-4B-55-30-38-31-20
Serial number: 20523874554B
Coprocessor type: ESP32
MAC Address -
WiFi: 4C:75:25:D5:78:A0
ssl_client.c:0042: client hello, adding server name extension: api.sunrisesunset.io
ssl_tls13_client.c:0057: client hello, adding supported versions extension
ssl_tls13_client.c:0080: supported version: [3:4]
ssl_tls13_client.c:0086: supported version: [3:3]
ssl_tls13_client.c:0572: no cookie to send; skip extension
ssl_tls13_client.c:0285: client hello: adding key share extension
ssl_tls13_generic.c:1651: Perform PSA-based ECDH/FFDH computation.
ssl_tls13_generic.c:1689: psa_generate_key() returned -27648 (-0x6c00)
ssl_client.c:1012: <= write client hello
ssl_tls.c:4617: <= handshake
failed
! mbedtls_ssl_handshake returned -0x6c00
Last error was: -27648 - SSL - Internal error (eg, unexpected failure in lower-level module)
What is interesting is that when I force the mbedTLS to use TLS 1.2, instead TLS 1.3 by adding the following:
mbedtls_ssl_conf_max_version(&conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3); // Force TLS 1.2
The request worked perfectly! So, it indicates to me that there might be a problem with the TLS 1.3, somehow the server is not properly working with mbedTLS TLS 1.3.
duduita
changed the title
TLS handshake throws 'A fatal alert message was received from our peer' exception
SNI for HttpClient does not work
May 4, 2024
Describe the bug
When a meadow app attempts to request this API
https://api.sunrisesunset.io/json?lat=47.333&lng=13.333
, it throwsA fatal alert message was received from our peer
, since Meadow doesn't support SNI for HttpClient.To Reproduce
Simply make an HTTP request to this API:
Expected behavior
The request should return a successful result return as well as not throw this exception.
Meadow (please complete the following information as best as you can):
Model: F7Micro
Hardware version: F7CoreComputeV2
Device name: MeadowCoreCompute
Hardware Information
Processor type: STM32F777IIK6
ID: 3A-00-21-00-0D-50-4B-55-30-38-31-20
Serial number: 20523874554B
Coprocessor type: ESP32
MAC Address -
WiFi: 4C:75:25:D5:78:A0
Firmware Versions
OS: 1.11.0.0
Mono: 1.11.0.0
Coprocessor: 1.11.0.0
Protocol: 7
Additional context
I got the following error:
What is interesting is that when I force the mbedTLS to use TLS 1.2, instead TLS 1.3 by adding the following:
mbedtls_ssl_conf_max_version(&conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3); // Force TLS 1.2
The request worked perfectly! So, it indicates to me that there might be a problem with the TLS 1.3, somehow the server is not properly working with mbedTLS TLS 1.3.
More details regarding that, see this mbedTLS issue.
The text was updated successfully, but these errors were encountered: