In this example we learn how to send Secured POST request to a secured https web page using NodeMCU or ESP8266? As we know all web pages are HTTP protocols, GET and POST are methods of communicating between web browser and the server. Also you look towards server side php Example coding. If you are looking for HTTPS GET method read here.
What is HTTPS?
HTTPS (HTTP over SSL or HTTP Secure) is the use of Secure Socket Layer (SSL) or Transport Layer Security (TLS) as a sublayer under regular HTTP application layering. HTTPS encrypts and decrypts user page requests as well as the pages that are returned by the Web server. The use of HTTPS protects against eavesdropping and man-in-the-middle attacks. HTTPS was developed by Netscape.
HTTPS and SSL support the use of X.509 digital certificates from the server so that, if necessary, a user can authenticate the sender. Unless a different port is specified, HTTPS uses port 443 instead of HTTP port 80 in its interactions with the lower layer, TCP/IP.
What is HTTP?
The Hypertext Transfer Protocol (HTTP) is designed to enable communications between clients and servers.
HTTP works as a request-response protocol between a client and server. Each Hypertext Transfer Protocol (HTTP) message is either a request or a response. A server listens on a connection for a request, parses each message received, interprets the message semantics in relation to the identified request target, and responds to that request with one or more response messages. A client constructs request messages to communicate specific intentions, examines received responses to see if the intentions were carried out, and determines how to interpret the results.
A web browser may be the client, and an application on a computer that hosts a web site may be the server.
Example: A client (browser) submits an HTTP request to the server; then the server returns a response to the client. The response contains status information about the request and may also contain the requested content.
Two HTTP Request Methods: GET and POST
Two commonly used methods for a request-response between a client and server are: GET and POST.
- GET – Requests data from a specified resource
- POST – Submits data to be processed to a specified resource
The POST Method
POST is used to send data to a server to create/update a resource.
The data sent to the server with POST is stored in the request body of the HTTP request:
POST /post HTTPS/1.1
Host: postman-echo.com
name1=value1&name2=value2
POST is one of the most common HTTP methods.
Some other notes on POST requests:
- POST requests are never cached
- POST requests do not remain in the browser history
- POST requests cannot be bookmarked
- POST requests have no restrictions on data length
Before going directly to programming make sure you have latest version of ESP8266 boards
This example uses BearSSL which is now default (with the core release 2.5.0 to come, or the current git version, not with core-2.4.2 and older).
The example sketch for WiFiClientSecure fails to compile.
class axTLS::WiFiClientSecure' has no member named 'setFingerprint'
ESP8266 HTTPS POST Example Code
Make changes in wifi settings, SSID and password of your wifi network and change server ip. Also change GET request data as per your server requirements. and SHA1 fingerprint.
POST /post HTTP/1.1 Host: postman-echo.com Content-Type: application/x-www-form-urlencoded Content-Length: 13 say=Hi&to=Mom
How to get SHA1 Fingerprint
Step1: Open the HTTPS link in web browser
https://postman-echo.com/get?foo1=bar1&foo2=bar2
Step2: Click on Green Lock Icon and click on more information or security certificate
Step3: Click on Security then View Certificate
Step 4: Copy SHA1 fingerprint and paste it in code, remove colons
Make required changes in code and upload.
/*
* HTTPS Secured Client POST Request
* Copyright (c) 2019, circuits4you.com
* All rights reserved.
* https://circuits4you.com
* Connects to WiFi HotSpot. */
#include <ESP8266WiFi.h>
#include <WiFiClientSecure.h>
#include <ESP8266WebServer.h>
#include <ESP8266HTTPClient.h>
/* Set these to your desired credentials. */
const char *ssid = "your_ssid"; //ENTER YOUR WIFI SETTINGS
const char *password = "your_pass";
//Link to read data from https://jsonplaceholder.typicode.com/comments?postId=7
//Web/Server address to read/write from
const char *host = "postman-echo.com";
const int httpsPort = 443; //HTTPS= 443 and HTTP = 80
//SHA1 finger print of certificate use web browser to view and copy
const char fingerprint[] PROGMEM = "A6 5A 41 2C 0E DC FF C3 16 E8 57 E9 F2 C3 11 D2 71 58 DF D9";
//=======================================================================
// Power on setup
//=======================================================================
void setup() {
delay(1000);
Serial.begin(115200);
WiFi.mode(WIFI_OFF); //Prevents reconnection issue (taking too long to connect)
delay(1000);
WiFi.mode(WIFI_STA); //Only Station No AP, This line hides the viewing of ESP as wifi hotspot
WiFi.begin(ssid, password); //Connect to your WiFi router
Serial.println("");
Serial.print("Connecting");
// Wait for connection
while (WiFi.status() != WL_CONNECTED) {
delay(500);
Serial.print(".");
}
//If connection successful show IP address in serial monitor
Serial.println("");
Serial.print("Connected to ");
Serial.println(ssid);
Serial.print("IP address: ");
Serial.println(WiFi.localIP()); //IP address assigned to your ESP
}
//=======================================================================
// Main Program Loop
//=======================================================================
void loop() {
WiFiClientSecure httpsClient; //Declare object of class WiFiClient
Serial.println(host);
Serial.printf("Using fingerprint '%s'\n", fingerprint);
httpsClient.setFingerprint(fingerprint);
httpsClient.setTimeout(15000); // 15 Seconds
delay(1000);
Serial.print("HTTPS Connecting");
int r=0; //retry counter
while((!httpsClient.connect(host, httpsPort)) && (r < 30)){
delay(100);
Serial.print(".");
r++;
}
if(r==30) {
Serial.println("Connection failed");
}
else {
Serial.println("Connected to web");
}
String getData, Link;
//POST Data
Link = "/post";
Serial.print("requesting URL: ");
Serial.println(host);
/*
POST /post HTTP/1.1
Host: postman-echo.com
Content-Type: application/x-www-form-urlencoded
Content-Length: 13
say=Hi&to=Mom
*/
httpsClient.print(String("POST ") + Link + " HTTP/1.1\r\n" +
"Host: " + host + "\r\n" +
"Content-Type: application/x-www-form-urlencoded"+ "\r\n" +
"Content-Length: 13" + "\r\n\r\n" +
"say=Hi&to=Mom" + "\r\n" +
"Connection: close\r\n\r\n");
Serial.println("request sent");
while (httpsClient.connected()) {
String line = httpsClient.readStringUntil('\n');
if (line == "\r") {
Serial.println("headers received");
break;
}
}
Serial.println("reply was:");
Serial.println("==========");
String line;
while(httpsClient.available()){
line = httpsClient.readStringUntil('\n'); //Read Line by Line
Serial.println(line); //Print response
}
Serial.println("==========");
Serial.println("closing connection");
delay(2000); //POST Data at every 2 seconds
}
//=======================================================================
Upload the code and open serial monitor, in case of any problem it will show errors.
Few common problems and solutions
- Do not use http or https in front of host ink
- Error finger print not defined Update Board
- Error “-1” You are trying to connect with secure website HTTPS.
- Error Connection Failed You are using port 80 for HTTPS. HTTPS works on PORT 443
hi
is it possible to secure the esp8266 web server?
Could you public a php file for this example. I will be very grateful.
There is no difference in PHP file for HTTP and HTTPS.