Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

Is there an Arduino ESP32 that supports TLS 1.3? #11105

Unanswered
CCarrillo07 asked this question in Q&A
Discussion options

Board

ESP32

Device Description

I want to connect my ESP32 to an Oracle Apex Resftul service,
With the code below, I'm getting "Error on sending POST: -11".
I read that the ESP32 Arduino Code library only supports TLS 1.2, but Oracle Apex Restful service is using TLS 1.3.

image

By any chance, do you know if there is an ESP32 Arduino library that supports TLS 1.3?

Code

#include <WiFi.h>
#include <HTTPClient.h>
#include <WiFiClientSecure.h>

// Replace these with your network credentials
const char* ssid = "YOUR_SSID";
const char* password = "YOUR PASSWORD";

// Replace these with your Oracle APEX endpoint details
const char* endpointUrl = "https://apex.oracle.com/pls/apex/ccarrillo/ultrasonicsensor/insert_data";

// CA certificate of the server
const char* rootCACertificate =
"-----BEGIN CERTIFICATE-----\n"
"MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\n"
"MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\n"
"d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\n"
"QTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\n"
"MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\n"
"b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n"
"9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\n"
"CSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\n"
"nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n"
"43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\n"
"T19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\n"
"gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\n"
"BgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\n"
"TLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\n"
"DQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\n"
"hMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n"
"06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\n"
"PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\n"
"YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\n"
"CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n"
"-----END CERTIFICATE-----\n";

// Ultrasonic sensor variables
const int trigPin = 13;
const int echoPin = 12;
#define SOUND_SPEED 0.034 // define sound speed in cm/uS
float globalDistanceCm;

void setup() {
Serial.begin(115200);
// Connecting to WiFi
setupWiFi();

// Initializing pins for the ultrasonic sensor
pinMode(trigPin, OUTPUT); // Sets the trigPin as an Output
pinMode(echoPin, INPUT); // Sets the echoPin as an Input
}

void loop() {
globalDistanceCm = getDistance();
// Prints the distance in the Serial Monitor
Serial.print("Distance (cm): ");
Serial.println(globalDistanceCm);
sendData(globalDistanceCm);
delay(5000);
}

void setupWiFi() {
Serial.print("Connecting to ");
Serial.println(ssid);
WiFi.begin(ssid, password);
while (WiFi.status() != WL_CONNECTED) {
delay(1000);
Serial.print(".");
}
Serial.println("Connected to Wi-Fi");
}

float getDistance() {
long duration;
float distanceCm;
// Clears the trigPin
digitalWrite(trigPin, LOW);
delayMicroseconds(2);
// Sets the trigPin on HIGH state for 10 micro seconds
digitalWrite(trigPin, HIGH);
delayMicroseconds(10);
digitalWrite(trigPin, LOW);
// Reads the echoPin, returns the sound wave travel time in microseconds
duration = pulseIn(echoPin, HIGH);
// Calculate the distance
distanceCm = duration * SOUND_SPEED / 2;
return distanceCm;
}

// Function to send data
void sendData(float sensorValue) {
WiFiClientSecure client;
HTTPClient http;

client.setCACert(rootCACertificate);

if (!client.connect("apex.oracle.com", 443)) {
Serial.println("Connection failed!");
return;
}

http.begin(client, endpointUrl);
http.addHeader("Content-Type", "application/x-www-form-urlencoded");

// Create the POST request payload
String payload = "sensor_value=" + String(sensorValue, 2);

int httpResponseCode = http.POST(payload);

// Check and print the response
if (httpResponseCode > 0) {
String response = http.getString();
Serial.println(httpResponseCode);
Serial.println(response);
} else {
Serial.print("Error on sending POST: ");
Serial.println(httpResponseCode);
}

http.end();
}

Hardware Configuration

  • ESP32 board.
  • HC-SR04

Version

v3.0.3

IDE Name

Arduino IDE 2.3.2

Operating System

Windows 10

Flash frequency

N/A

PSRAM enabled

yes

Upload speed

115200

Description

I want to connect my ESP32 to an Oracle Apex Resftul service,
With the code below, I'm getting "Error on sending POST: -11".
I read that the ESP32 Arduino Code library only supports TLS 1.2, but Oracle Apex Restful service is using TLS 1.3.

image

By any chance, do you know if there is an ESP32 Arduino library that supports TLS 1.3?

Sketch

N/A

Debug Message

Error on sending POST: -11

Other Steps to Reproduce

No response

I have checked existing issues, online documentation and the Troubleshooting Guide

  • I confirm I have checked existing issues, online documentation and Troubleshooting guide.
You must be logged in to vote

Replies: 4 comments

Comment options

I forgot to mention that I'm using esp32 by Espressif System library, the version I'm using is 3.0.3
You must be logged in to vote
0 replies
Comment options

I found that https://github.com/govorox/SSLClient is based on Based on Mbed-TLS/mbedtls.
Mbed TLS 3.x TLS Versions Supported: Mbed TLS 3.x supports TLS 1.2 and TLS 1.3.
But, I have not found how to hard code the library to use TLS 1.3.

I'm still getting TLS 1.2 when making get request to www.howsmyssl.com.

Making GET request...
Status code: 200
Response: {"given_cipher_suites":["TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_ECDSA_WITH_AES_256_CCM","TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384","TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384","TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA","TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8","TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384","TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384","TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384","TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384","TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384","TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384","TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384","TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384","TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_ECDSA_WITH_AES_128_CCM","TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256","TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA","TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8","TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256","TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256","TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256","TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256","TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256","TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256","TLS_RSA_WITH_AES_256_GCM_SHA384","TLS_RSA_WITH_AES_256_CCM","TLS_RSA_WITH_AES_256_CBC_SHA256","TLS_RSA_WITH_AES_256_CBC_SHA","TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384","TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384","TLS_ECDH_RSA_WITH_AES_256_CBC_SHA","TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384","TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384","TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA","TLS_RSA_WITH_AES_256_CCM_8","TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384","TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256","TLS_RSA_WITH_CAMELLIA_256_CBC_SHA","TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384","TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384","TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384","TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384","TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384","TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384","TLS_RSA_WITH_ARIA_256_GCM_SHA384","TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384","TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384","TLS_RSA_WITH_ARIA_256_CBC_SHA384","TLS_RSA_WITH_AES_128_GCM_SHA256","TLS_RSA_WITH_AES_128_CCM","TLS_RSA_WITH_AES_128_CBC_SHA256","TLS_RSA_WITH_AES_128_CBC_SHA","TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256","TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256","TLS_ECDH_RSA_WITH_AES_128_CBC_SHA","TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256","TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256","TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA","TLS_RSA_WITH_AES_128_CCM_8","TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256","TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256","TLS_RSA_WITH_CAMELLIA_128_CBC_SHA","TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256","TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256","TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256","TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256","TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256","TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256","TLS_RSA_WITH_ARIA_128_GCM_SHA256","TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256","TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256","TLS_RSA_WITH_ARIA_128_CBC_SHA256","TLS_EMPTY_RENEGOTIATION_INFO_SCSV"],"ephemeral_keys_supported":true,"session_ticket_supported":true,"tls_compression_supported":false,"unknown_cipher_suite_supported":false,"beast_vuln":false,"able_to_detect_n_minus_one_splitting":false,"insecure_cipher_suites":{},"tls_version":"TLS 1.2","rating":"Probably Okay"}
You must be logged in to vote
0 replies
Comment options

I'm now using the GovoroxSSLClient (v 1.3.2), the ESP32 by Espressif Systems (v 3.0.3), the ArduinoHTTPClient (v 0.6.1) libraries.
I'm getting:

Making POST request...
Status code: -3
Response:

Here is my code:
#include <ArduinoHttpClient.h>
#include "WiFi.h"
#include "SSLClient.h"

#include "ca_cert.h" // Include the header file with the certificate

// Replace these with your Wi-Fi credentials
const char* ssid = "YOUR SSID";
const char* pass = "YOUR PASSWORD";

// Update with your endpoint hostname
const char hostname[] = "https://apex.oracle.com/";
const char endPointURL[] = "/wkspace/insert_data";
int port = 443;

// Layers stack
WiFiClient wifi_transport_layer;
SSLClient secure_presentation_layer(&wifi_transport_layer);
HttpClient http_client = HttpClient(secure_presentation_layer, hostname, port);

void setup() {
Serial.begin(115200);

// Connect to Wi-Fi
WiFi.begin(ssid, pass);
Serial.print("Connecting to Wi-Fi");
while (WiFi.status() != WL_CONNECTED) {
Serial.print(".");
delay(300);
}
Serial.println();
Serial.print("Connected with IP: ");
Serial.println(WiFi.localIP());

// Add CA Certificate
secure_presentation_layer.setCACert(root_ca);
}

void loop() {
Serial.println("Making POST request...");

// Prepare POST request payload
String payload = "sensor_value=4.5"; // Example payload

// Set request headers and payload
http_client.beginRequest();
http_client.post(endPointURL);
http_client.sendHeader("Content-Type", "application/x-www-form-urlencoded");
http_client.sendHeader("Content-Length", payload.length());
http_client.sendHeader("Connection", "close");
http_client.endRequest();

// Send payload
http_client.print(payload);

// Read response
int status_code = http_client.responseStatusCode();
String response = http_client.responseBody();

Serial.print("Status code: ");
Serial.println(status_code);
Serial.print("Response: ");
Serial.println(response);

http_client.stop();

delay(30000);
}
You must be logged in to vote
0 replies
Comment options

Now I have a successful POST request.
The issue with the previous code was:

Ensure that the hostname is correctly set and does not include the protocol (https://). The hostname should only be the domain part of the URL.

The endPointURL should be the path part of the URL, without the leading /. In this case, it's correct.
You must be logged in to vote
0 replies
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Category
Q&A
Labels
Status: Awaiting triage Issue is waiting for triage
1 participant
Converted from issue

This discussion was converted from issue #10206 on March 12, 2025 20:04.

AltStyle によって変換されたページ (->オリジナル) /