I have the following Arduino code I'm using with an ESP32:
if(!SPIFFS.begin(true)) {
Serial.println("Error mounting SPIFFS.");
}
File file = SPIFFS.open("/root.cer");
if(!file) {
Serial.println("Error opening the file.");
}
Serial.println("CA Root certificate: ");
String ca_cert = file.readString();
Serial.println(ca_cert);
espClient.setCACert(ca_cert.c_str());
file.close();
This is the relevant code for loading a file and setting the WiFiClientSecure's CA certificate. This code does not work.
However, if I replace espClient.setCACert(ca_cert.c_str());
with espClient.setCACert(ROOTCERT);
where ROOTCERT
is defined as such:
#define ROOTCERT "-----BEGIN CERTIFICATE-----\n" \
"MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/\n" \
"MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT\n" \
"DkRTVCBSb290IENBIFgzMB4XDTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVow\n" \
"PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD\n" \
"Ew5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n" \
"AN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmTrE4O\n" \
"rz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEq\n" \
"OLl5CjH9UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9b\n" \
"xiqKqy69cK3FCxolkHRyxXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw\n" \
"7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40dutolucbY38EVAjqr2m7xPi71XAicPNaD\n" \
"aeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV\n" \
"HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQMA0GCSqG\n" \
"SIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69\n" \
"ikugdB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXr\n" \
"AvHRAosZy5Q6XkjEGB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZz\n" \
"R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5\n" \
"JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo\n" \
"Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ\n" \
"-----END CERTIFICATE-----\n"
The code works.
The ROOTCERT string is taken directly from the certificate file, so they must be identical.
The certificate file was downloaded and exported using Windows's certificate exporter. I've tried converting line endings to no avail.
EDIT: I've found a clue.
If I do the following:
String constString = ROOTCERT;
espClient.setCACert(constString.c_str());
It also does not work.
And I added this code:
if(strcmp(constString.c_str(), ROOTCERT))
Serial.println("Constant and converted string are equal.");
else
Serial.println("Constant and converted string are different.");
And it prints "Constant and converted string are different."
So it appears to be some kind of problem with how .c_str()
does things? I have no idea what this could be, though. When printed to the console, the .c_str()
, ROOTCERT and ca_cert String
s all appear IDENTICAL.
I am completely confused here.
Turns out I was using strcmp()
incorrectly. Things are still not working.
After messing around, I fixed it.
So .c_str()
is just another way of pointing to the internal buffer of the String
object.
Somehow that was messing things up. Using this code fixed it.
char *dest;
dest = (char *)malloc(sizeof(char) * (ca_cert.length()+1));
strcpy(dest, ca_cert.c_str());
espClient.setCACert(dest);
Collected from the Internet
Please contact [email protected] to delete if infringement.
Comments