The objective of this post is to test some HTTPS requests using the Requests library on the LinkIt Smart Duo.
Introduction
The objective of this post is to test some HTTPS requests using the Requests library on the LinkIt Smart Duo.
We will use this website for testing the behavior of the library with invalid HTTPS certificates.
If you haven’t yet installed the Requests library on the LinkIt Smart Duo, you can check this previous post for a detailed explanation on how to do it.
The code
As usual, we will assume the use of WinSCP to upload the code for the LinkIt Smart Duo. You can check here how to do it.
We will use the same testRequests.py file we created for the previous post. Since we will be editing and running the code, I recommend you to keep both Putty and WinSCP open.
To start, we will send a request to a website that supports HTTPS and that has a valid certificate. So, we will use the secure version of the fake Rest API website we have been using before in some tutorials. You can check the URL here.
You can confirm that the website supports HTTPS by accessing the URL and checking the icon near the address bar, as indicated in figure 1. Your web browser should also let you check the details of the certificate.
Figure 1 – Fake REST API website with HTTPS.
The code for making the request will be very simple and similar to the one we used before, except for the fact that we will now be catching exceptions, to test the cases where the certificate is invalid. Please keep in mind that you should always develop robust code that handles all he possible exceptions. We haven’t been doing it in previous tutorials just to keep the code simple, but this is the best practice.
So, we start by import the requests module. Then, inside a try/except block, we will call the get method defined in this module and pass the URL of the fake API website as argument. We will store the result in a variable and then print the HTTP response text.
In the except code, which is executed in case of error, we will print the exception caught. We will use the Exception class to catch any type of exception that may be generated. This is the base class for all exceptions [1], so we should catch all the possible errors that result from invalid certificates.
Please keep in mind that the best practice is to catch and handle different types of exceptions in different blocks and we are only using this generic approach to keep the code simple.
You can check the full code for this bellow.
import requests
try:
response = requests.get('https://jsonplaceholder.typicode.com/users')
print response.text
except Exception as e:
print e
To run the code, just open Putty, navigate to the directory where the Python script was saved and run it with the following command:
python testRequests.py
Since the certificate of this website is valid, we should get the JSON response printed to the console, as shown in figure 2.
Figure 2 – Output of the HTTPS request.
Now, we will test an example of a expired certificate from the badssl website. First, access the URL on a web browser, to confirm that there is a problem with the certificate, as indicated in figure 3.
Figure 3 – Expired SSL certificate.
So, in the previous Python code, just change the destination URL and re-run the script in the LinkIt Smart.
import requests
try:
response = requests.get('https://expired.badssl.com/')
print response.text
except Exception as e:
print e
You should get something similar to figure 4, indicating an error on the validation of the certificate.
Figure 4 – Expired SSL certificate error.
You can test the different examples of invalid certificates available on the badssl website and confirm that they are also rejected.
Final notes
As we have seen, it is possible to send secure HTTPS requests from the LinkIt Smart 7688 Duo using the requests library. All the certificate chain validations are performed for us, making this library very easy to use.
Naturally, this functionality is of extreme importance in IoT related projects, since it allows us to communicate safely with remote hosts.
This makes the LinkIt Smart a very good choice for a Gateway, in a Gateway-based IoT architecture. The nodes of the network can be implemented with cheaper and simpler devices such as the ESP8266, which are less capable for implementing security measures such as HTTPS communication. Then, all those devices can send the data for the LinkIt Smart, which is responsible for implementing all the needed security measures to communicate the information through the Internet, to the remote host.
References
[1] https://www.tutorialspoint.com/python/python_exceptions.htm