Hello,
I have an ESP32 which is running a wifi soft AP and an HTTPS server using <esp_https_server.h> and <openssl/ssl.h>.
In comparison to HTTP I experience very slow Transfer of web pages paired with some errors, on which I have no idea how to fix them.
This is my log when I attempt to access an URI handler by the client PC (e.g I call 192.168.4.1/index.html):
E (193655) esp_https_server: SSL_new ret NULL (out of memory)
W (193655) httpd: httpd_accept_conn: session creation failed
W (193655) httpd: httpd_server: error accepting new connection
E (193665) httpd: httpd_server: error in select (9)
W (193665) httpd_sess: httpd_sess_delete_invalid: Closing invalid socket 61
W (193675) httpd_sess: httpd_sess_delete_invalid: Closing invalid socket 62
W (193695) esp_https_server: fail to SSL_accept - handshake error
W (193695) httpd: httpd_accept_conn: session creation failed
W (193695) httpd: httpd_server: error accepting new connection
E (193705) httpd: httpd_server: error in select (9)
W (193705) httpd_sess: httpd_sess_delete_invalid: Closing invalid socket 61
Despite these errors the connection is finally established and the page is served. Still very slowly.
I suspect its due to these errors and a lot of retries as result of this.
What can I do to fix this and improve overall performance of the HTTPS server?
HTTPS Server (OpenSSL) - Error explanation
-
- Posts: 21
- Joined: Wed Apr 03, 2019 1:29 pm
-
- Posts: 21
- Joined: Wed Apr 03, 2019 1:29 pm
Re: HTTPS Server (OpenSSL) - Error explanation
Update to my post above:
As the error shows, the TLS stuff used up too much memory on my system.
I was able to reduce the memory consumption by changing a property in the sdkconfig with 'make menuconfig'.
The handshake errors were nothing serious. They were caused by the browser which closed the initial connection because
of a self-signed certificate (SSL handshake error: EOF), which got rejected. After I accepted the certificate in the browser, these errors vanished.
Except on chrome (this browser requires a different workaround):
SSL handshake errors never totally disappear from chrome. After some errors after each request the connection is established.
Chrome always needs several retries, resulting in worse performance and additional memory consumption. This is caused by the opening of an additional socket for each new request. This really killed my application.
To Prevent this I had to modify a function in httpd_sess.c
Its not optimal, but at least HTTPS is now working as intended with all the standard Browsers (but decreased performance on Chrome).
As the error shows, the TLS stuff used up too much memory on my system.
I was able to reduce the memory consumption by changing a property in the sdkconfig with 'make menuconfig'.
Code: Select all
Component config -> mbedTLS -> TLS maximum message content length -> Reduce to 4096
of a self-signed certificate (SSL handshake error: EOF), which got rejected. After I accepted the certificate in the browser, these errors vanished.
Except on chrome (this browser requires a different workaround):
SSL handshake errors never totally disappear from chrome. After some errors after each request the connection is established.
Chrome always needs several retries, resulting in worse performance and additional memory consumption. This is caused by the opening of an additional socket for each new request. This really killed my application.
To Prevent this I had to modify a function in httpd_sess.c
Code: Select all
esp_err_t httpd_sess_new(struct httpd_data *hd, int newfd)
/* Call user-defined session opening function */
if (hd->config.open_fn) {
esp_err_t ret = hd->config.open_fn(hd, hd->hd_sd[i].fd);
// Replace this -> if (ret != ESP_OK) return ret;
// With this:
if (ret != ESP_OK)
{
httpd_sess_delete(hd, hd->hd_sd[i].fd);
ESP_LOGD(TAG, LOG_FMT("open_fn failed for fd = %d"), newfd);
return ret;
}
}
return ESP_OK;
}
Who is online
Users browsing this forum: federicolonghin, ok-home and 120 guests