What is wrong with this request?

I am trying to teach my IOT device how to monitor my Algolia index. To start, I am trying to get the response from status.algolia.com/1/status.

Here is the request I am making:

    WiFiClientSecure client;
    client.print(String("GET ") + "/1/status" + " HTTP/1.1\r\n" +
        "Host: status.algolia.com\r\n" +
        "User-Agent: ESP8266\r\n" +
        "Accept: application/json\r\n" +
        "Accept-Language: en-us,en\r\n" +
        "X-Algolia-API-Key: " + amapikey + "\r\n" + 
        "X-Algolia-Application-Id: " + amapikey + "\r\n" +
        "Connection: close\r\n\r\n");

Where 'WiFiClientSecure' is defined in this c++ lib:

https://github.com/esp8266/Arduino/blob/master/libraries/ESP8266WiFi/src/WiFiClientSecure.cpp

Furthermore, where 'amapikey' is my Algolia Monitoring API Key and 'amappkey' is my Algolia Application ID.

The SSL Fingerprint for status.algolia.com I got from the SSL Cert is:

55 20 40 3d bb d0 61 e4 4e c7 d7 f9 f8 20 aa 28 84 c0 59 a0

But for some reason, the validation fails.

Is there an obvious error here that I am not seeing?

Thanks for any and all help.

Eric

Hi Eric,

First I think there’s a mistake in the code you sent us:

"X-Algolia-Application-Id: " + amapikey + "\r\n"

It should be amappkey here given what you detailed afterwards.

However the SSL issue would probably come up before this header is checked.
Could you please share the list of CA your library accepts? The issue might be coming from this.

1 Like

olance,

there is no ‘room’ on the ESP8266 chip for CAs. The way the WiFiClientSecure library checks is via the fingerprint (thumbprint). The fingerprint I try to validate is the one mentioned in the original post.

Maybe asking here is the wrong place. Let me ask in the WiFiClientSecure git hub site.

p.s., for the time being, I am skipping over SSL verification and noticed that bug you pointed out. THANKS for that. :grinning:

:slight_smile:
Kudos to my colleague @peter.villani actually! ^^

Let us know when you have a response from the WiFiClientSecure team!