The HTTP(S) client JSON demo application demonstrates how to perform GET and POST requests to a remote API endpoint, handling JSON data payloads over both non-secure (HTTP) and secure (HTTPS) channels.
- MCUXpresso 24.12.148 or newer.
- [SDK for MIMXRT1060-EVKC] (https://mcuxpresso.nxp.com/en/select)
- Open MCUXpresso IDE, in the Quick Start Panel, choose Import from Application Code Hub
- Enter the demo name in the search bar.
- Click Copy GitHub link, MCUXpresso IDE will automatically retrieve project attributes, then click Next>.
- Select main branch and then click Next>, Select the MCUXpresso project, click Finish button to complete import.
-
Connect a USB cable between the host PC and the OpenSDA USB port on the target board.
-
Open a serial terminal with the following settings:
- 115200 baud rate
- 8 data bits
- No parity
- One stop bit
- No flow control
-
Import the existing project from MCUXpresso IDE.
-
The Demo will run in secure mode by default. To run the demo in non-secure mode, then remove the preprocessor macro "SECURE_HTTP_ENABLED".
-
Use below commands to create certificates on Ubuntu Server.
- 5.1 Create the Root CA certificate.
- openssl genrsa -out ca.key.pem 2048
- openssl req -x509 -new -nodes -key ca.key.pem -sha256 -days 3650 -out ca.crt.pem -subj "/C=MyCountry/ST=MyState/L=MyLocation/O=MyCompany/CN=MyRootCA"
- 5.2 Create the Server Certificate signed by your CA
- openssl genrsa -out server.key.pem 2048
- openssl req -new -key server.key.pem -out server.csr.pem -subj "/C=MyCountry/ST=MyState/L=MyLocation/O=MyServer/CN=MyServerIP"
- 5.3 Create a config file for IP-based Subject Alternative Name (SAN)
- Create server_cert_ext.cnf with the following contents:
- subjectAltName = IP:192.168.1.188
- basicConstraints = CA:FALSE
- keyUsage = digitalSignature, keyEncipherment
- extendedKeyUsage = serverAuth
- Create server_cert_ext.cnf with the following contents:
- 5.4 Sign the Server Certificate with your Root CA
- openssl x509 -req -in server.csr.pem -CA ca.crt.pem -CAkey ca.key.pem -CAcreateserial -out server.crt.pem -days 3650 -sha256 -extfile server_cert_ext.cnf
- 5.1 Create the Root CA certificate.
-
Copy the RootCA certificate (ca.crt.pem) in the RT1060 Client to verify the server.
-
The Server certificate (server.crt.pem) and Server private key (server.key.pem) will be used in the Ubuntu HTTPS Server.
-
Compile the project.
-
Download the built image to the board through debug probe USB port and run the example.
When demo runs in secure HTTP mode, the terminal will display similar information. Enter SSID and Password (if applicable) to join the WLAN network from the scan list.
Initialize WLAN Driver
STA MAC Address: 50:26:EF:A2:D7:0C
[i] WPL_Init: Success
[i] WPL_Start: Success
========================================
HTTPS Client Application Start
========================================
Initiating scan...
ASUS_5G
BSSID : 7C:10:C9:02:DA:4C
RSSI : -48dBm
Channel : 40
Roam_2G
BSSID : 7C:10:C9:02:DA:48
RSSI : -38dBm
Channel : 4
Please enter parameters of WLAN to connect
SSID: Roam_2G
Password (for unsecured WLAN press Enter): ********
[i] WPL_AddNetwork: Success
[i] Trying to join the network...
[i] WPL_Join: Success
IP:192.168.1.169
Starting HTTPS connection
startHTTPSConnection: IP:192.168.1.169
Initializing TLS
Setting mBedTLS
. Seeding the random number generator...
. Loading the CA root certificate...
ok (0 skipped)
. Loading the client cert. and key...
ok
. Connecting to 192.168.1.188:8443
. Setting up the SSL/TLS structure...
ok
. SSL state connect : 0
. Performing the SSL/TLS handshake...
Cert veryfication requested for (Depth 1):
cert. version : 3
serial number : 3A:C1:12:C9:80:4A:46:FE:B4:C4:62:A8:01:1E:F4:CD:2B:6B:BB:34
issuer name : C=IN, ST=Gujarat, L=Ahmedabad, O=Volansys, CN=MyRootCA
subject name : C=IN, ST=Gujarat, L=Ahmedabad, O=Volansys, CN=MyRootCA
issued on : 2025-07-29 06:55:51
expires on : 2035-07-27 06:55:51
signed using : RSA with SHA-256
RSA key size : 2048 bits
basic constraints : CA=true
Cert veryfication requested for (Depth 0):
cert. version : 3
serial number : 16:4A:5F:CA:33:FA:C6:AF:8F:B8:84:D0:64:BD:57:84:99:FE:3B:FE
issuer name : C=IN, ST=Gujarat, L=Ahmedabad, O=Volansys, CN=MyRootCA
subject name : C=IN, ST=Gujarat, L=Ahmedabad, O=MyServer, CN=192.168.1.188
issued on : 2025-07-29 07:23:17
expires on : 2035-07-27 07:23:17
signed using : RSA with SHA-256
RSA key size : 2048 bits
basic constraints : CA=false
subject alt name :
iPAddress : 192.168.1.188
key usage : Digital Signature, Key Encipherment
ext key usage : TLS Web Server Authentication
[ Protocol is TLSv1.2 ] [ Ciphersuite is TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384 ]
[ Record expansion is 29 ]
. Verifying peer X.509 certificate...
OK
API: POST /data
json_string: {"sender":"RT1060-Client","Temperature":36}
Server Response:
HTTP/1.1 200 OK
Content-Type: application/json
Connection: close
Content-Length: 41
{"message": "Hello from C HTTPS server!"}
API: GET /data
Server Response:
HTTP/1.1 200 OK
Content-Type: application/json
Connection: close
Content-Length: 41
{"message": "Hello from C HTTPS server!"}
When demo runs in non-secure HTTP mode, the terminal will display similar information. Enter SSID and Password (if applicable) to join the WLAN network from the scan list.
Initialize WLAN Driver
STA MAC Address: 50:26:EF:A2:D7:0C
[i] WPL_Init: Success
[i] WPL_Start: Success
========================================
HTTP Client Application Start
========================================
Initiating scan...
ASUS_2G
BSSID : 7C:10:C9:02:DA:48
RSSI : -38dBm
Channel : 3
ASUS_5G
BSSID : 7C:10:C9:02:DA:4C
RSSI : -44dBm
Channel : 40
Please enter parameters of WLAN to connect
SSID: ASUS_2G
Password (for unsecured WLAN press Enter): ********
[i] WPL_AddNetwork: Success
[i] Trying to join the network...
[i] WPL_Join: Success
Sending POST /data
Server Response (POST):
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 42
Connection: keep-alive
{"status":"OK", "message":"POST received"}
Server Response (POST):
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 42
Connection: keep-alive
{"status":"OK", "message":"POST received"}
Sending GET /status
Server Response (POST):
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 44
Connection: keep-alive
{"device":"Ubuntu Server","status":"online"}
Server Response (GET):
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 44
Connection: keep-alive
{"device":"Ubuntu Server","status":"online"}
Include FAQs here if appropriate. If there are none, then remove this section.
Provide URLs for help here.
Questions regarding the content/correctness of this example can be entered as Issues within this GitHub repository.
Warning: For more general technical questions regarding NXP Microcontrollers and the difference in expected functionality, enter your questions on the NXP Community Forum
| Version | Description / Update | Date |
|---|---|---|
| 1.0 | Initial release on Application Code Hub | September 20th 2025 |
Trademarks and Service Marks: There are a number of proprietary logos, service marks, trademarks, slogans and product designations ("Marks") found on this Site. By making the Marks available on this Site, NXP is not granting you a license to use them in any fashion. Access to this Site does not confer upon you any license to the Marks under any of NXP or any third party's intellectual property rights. While NXP encourages others to link to our URL, no NXP trademark or service mark may be used as a hyperlink without NXP’s prior written permission. The following Marks are the property of NXP. This list is not comprehensive; the absence of a Mark from the list does not constitute a waiver of intellectual property rights established by NXP in a Mark.
NXP, the NXP logo, NXP SECURE CONNECTIONS FOR A SMARTER WORLD, Airfast, Altivec, ByLink, CodeWarrior, ColdFire, ColdFire+, CoolFlux, CoolFlux DSP, DESFire, EdgeLock, EdgeScale, EdgeVerse, elQ, Embrace, Freescale, GreenChip, HITAG, ICODE and I-CODE, Immersiv3D, I2C-bus logo , JCOP, Kinetis, Layerscape, MagniV, Mantis, MCCI, MIFARE, MIFARE Classic, MIFARE FleX, MIFARE4Mobile, MIFARE Plus, MIFARE Ultralight, MiGLO, MOBILEGT, NTAG, PEG, Plus X, POR, PowerQUICC, Processor Expert, QorIQ, QorIQ Qonverge, RoadLink wordmark and logo, SafeAssure, SafeAssure logo , SmartLX, SmartMX, StarCore, Symphony, Tower, TriMedia, Trimension, UCODE, VortiQa, Vybrid are trademarks of NXP B.V. All other product or service names are the property of their respective owners. © 2021 NXP B.V.