{"id":121379,"date":"2022-12-15T15:03:52","date_gmt":"2022-12-15T15:03:52","guid":{"rendered":"https:\/\/randomnerdtutorials.com\/?p=121379"},"modified":"2025-03-19T17:37:08","modified_gmt":"2025-03-19T17:37:08","slug":"esp32-https-requests","status":"publish","type":"post","link":"https:\/\/randomnerdtutorials.com\/esp32-https-requests\/","title":{"rendered":"ESP32 HTTPS Requests (Arduino IDE)"},"content":{"rendered":"\n<p>In this guide, you&#8217;ll learn how to make HTTPS requests with the ESP32. We&#8217;ll introduce you to some HTTPS fundamental concepts and provide several examples (with and without certificates) using two different libraries: <span class=\"rnthl rntliteral\">HttpClient<\/span> and <span class=\"rnthl rntliteral\">WiFiClientSecure<\/span>.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img data-recalc-dims=\"1\" fetchpriority=\"high\" decoding=\"async\" width=\"1200\" height=\"675\" src=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/ESP32-HTTPS-Requests.jpg?resize=1200%2C675&#038;quality=100&#038;strip=all&#038;ssl=1\" alt=\"ESP32 HTTPS Requests Arduino IDE\" class=\"wp-image-121806\" srcset=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/ESP32-HTTPS-Requests.jpg?w=1280&amp;quality=100&amp;strip=all&amp;ssl=1 1280w, https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/ESP32-HTTPS-Requests.jpg?resize=300%2C169&amp;quality=100&amp;strip=all&amp;ssl=1 300w, https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/ESP32-HTTPS-Requests.jpg?resize=1024%2C576&amp;quality=100&amp;strip=all&amp;ssl=1 1024w, https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/ESP32-HTTPS-Requests.jpg?resize=768%2C432&amp;quality=100&amp;strip=all&amp;ssl=1 768w\" sizes=\"(max-width: 1200px) 100vw, 1200px\" \/><\/figure><\/div>\n\n\n<p class=\"rntbox rntclblue\">Using an ESP8266 board? <a href=\"https:\/\/randomnerdtutorials.com\/esp8266-nodemcu-https-requests\/\" title=\"\">Check this tutorial instead: ESP8266 NodeMCU HTTPS Requests<\/a><\/p>\n\n\n\n<p><strong>Table of Contents<\/strong><\/p>\n\n\n\n<p>Throughout this article, we&#8217;ll cover the following subjects:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"#what-is-https\">What is HTTPS?<\/a>\n<ul class=\"wp-block-list\">\n<li><a href=\"#why-https-esp32\">Why do you need HTTPS with the ESP32?<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><a href=\"#tls-ssl-certificates\">SSL\/TLS Certificates<\/a>\n<ul class=\"wp-block-list\">\n<li><a href=\"#certificate-chain\">Certificate Chain<\/a><\/li>\n\n\n\n<li><a href=\"#certification-expiration-date\">Certificates Expiration Date<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><a href=\"#getting-server-certificate-google-chrome\">Getting a Server&#8217;s Certificate using Google Chrome<\/a><\/li>\n\n\n\n<li><a href=\"#esp32-https-requests-wificlientsecure\">HTTPS Requests with the ESP32 (WiFiClientSecure)<\/a>\n<ul class=\"wp-block-list\">\n<li><a href=\"#esp32-https-requests-wificlientsecure-certificate\">ESP32 HTTPS Requests with Certificate<\/a><\/li>\n\n\n\n<li><a href=\"#esp32-https-requests-wificlientsecure-without-certificate\">ESP32 HTTPS Requests without Certificate<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><a href=\"#esp32-https-requests-httpclient\">HTTPS Requests with the ESP32 (HTTPClient)<\/a>\n<ul class=\"wp-block-list\">\n<li><a href=\"#esp32-https-requests-httpclient-certificate\">ESP32 HTTPS Requests with Certificate<\/a><\/li>\n\n\n\n<li><a href=\"#esp32-https-requests-httpclient-without-certificate\">ESP32 HTTPS Requests without Certificate<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"what-is-https\">Introduction<\/h2>\n\n\n\n<p>To understand how to make HTTPS requests with the ESP32, it&#8217;s better to be familiar with some fundamental concepts that we&#8217;ll explain next. We also recommend taking a look at the following article:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/randomnerdtutorials.com\/esp32-esp8266-https-ssl-tls\/\">ESP32\/ESP8266 with HTTPS and SSL\/TLS Encryption: Basic Concepts<\/a><\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"what-is-https\">What is HTTPS?<\/h3>\n\n\n\n<p>HTTPS is the secure version of the HTTP protocol, hence the \u201cS\u201d, which stands for secure.<\/p>\n\n\n\n<p>HTTP is a protocol to transfer data over the internet. When that data is encrypted with SSL\/TLS, it\u2019s called HTTPS.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img data-recalc-dims=\"1\" decoding=\"async\" width=\"750\" height=\"500\" src=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/HTTP-vs-HTTPS.png?resize=750%2C500&#038;quality=100&#038;strip=all&#038;ssl=1\" alt=\"HTTP vs HTTPS\" class=\"wp-image-121260\" srcset=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/HTTP-vs-HTTPS.png?w=750&amp;quality=100&amp;strip=all&amp;ssl=1 750w, https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/HTTP-vs-HTTPS.png?resize=300%2C200&amp;quality=100&amp;strip=all&amp;ssl=1 300w\" sizes=\"(max-width: 750px) 100vw, 750px\" \/><\/figure><\/div>\n\n\n<p>To simplify, HTTPS is just the HTTP protocol but with encrypted data using SSL\/TLS.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"why-https-esp32\">Why do you need HTTPS with the ESP32?<\/h3>\n\n\n\n<p>Using HTTPS ensures the following:<\/p>\n\n\n\n<p><strong>1) Encryption<\/strong>: all traffic between the ESP32 and a server will be encrypted\u2014no one can spy on your requests and passwords, they will only see gibberish.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img data-recalc-dims=\"1\" decoding=\"async\" width=\"670\" height=\"308\" src=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/ESP32-HTTPS-Requests-encryption.png?resize=670%2C308&#038;quality=100&#038;strip=all&#038;ssl=1\" alt=\"ESP32 HTTPS requests encrypted\" class=\"wp-image-121511\" srcset=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/ESP32-HTTPS-Requests-encryption.png?w=670&amp;quality=100&amp;strip=all&amp;ssl=1 670w, https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/ESP32-HTTPS-Requests-encryption.png?resize=300%2C138&amp;quality=100&amp;strip=all&amp;ssl=1 300w\" sizes=\"(max-width: 670px) 100vw, 670px\" \/><\/figure><\/div>\n\n\n<p>When using the ESP32 libraries to make HTTPS requests, they take care of encryption and decryption of the messages.<\/p>\n\n\n\n<p><strong>2) Server trust (identification):<\/strong> when using HTTPS, via TLS\/SSL certificates, you ensure you are connected to the server you would expect\u2014this means, you always know to who you are connected to.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"472\" height=\"163\" src=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/SSL-TLS-certificate_SSL-certificate.png?resize=472%2C163&#038;quality=100&#038;strip=all&#038;ssl=1\" alt=\"SSL\/TLS Certificate valid\" class=\"wp-image-121504\" srcset=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/SSL-TLS-certificate_SSL-certificate.png?w=472&amp;quality=100&amp;strip=all&amp;ssl=1 472w, https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/SSL-TLS-certificate_SSL-certificate.png?resize=300%2C104&amp;quality=100&amp;strip=all&amp;ssl=1 300w\" sizes=\"(max-width: 472px) 100vw, 472px\" \/><\/figure><\/div>\n\n\n<p>To make sure we are connected to the right server, we need to check the server certificate on the ESP32. This means we need to download the server certificate and hard code it on our sketch so that we can check if we&#8217;re actually connected to the server we are expecting.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"tls-ssl-certificates\">TLS\/SSL Certificates<\/h3>\n\n\n\n<p>SSL certificates are issued by legitimate <strong>Certificate Authorities<\/strong>. One of the most known is LetsEncrypt. Certificate Authorities confirm the identity of the certificate owner and provide proof that the certificate is valid.&nbsp;The certificate also contains the server&#8217;s public key for asymmetrically encrypted communication with a client.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"351\" height=\"163\" src=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/TLS-SSL-Certificate-Public-Key.png?resize=351%2C163&#038;quality=100&#038;strip=all&#038;ssl=1\" alt=\"TLS SSL Certificate Public Key\" class=\"wp-image-121506\" srcset=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/TLS-SSL-Certificate-Public-Key.png?w=351&amp;quality=100&amp;strip=all&amp;ssl=1 351w, https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/TLS-SSL-Certificate-Public-Key.png?resize=300%2C139&amp;quality=100&amp;strip=all&amp;ssl=1 300w\" sizes=\"(max-width: 351px) 100vw, 351px\" \/><\/figure><\/div>\n\n\n<p>When a Certificate Authority issues a certificate, it signs the certificate with its root certificate. This root certificate should be on the database of trusted certificates called a <strong>root store<\/strong>. Your browser and the operating system contain a database of root certificates that they can trust (root store). The following screenshot shows some of the trusted root certificates.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"505\" height=\"467\" src=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/trusted-root-certificates.png?resize=505%2C467&#038;quality=100&#038;strip=all&#038;ssl=1\" alt=\"trusted root certificates chrome\" class=\"wp-image-121499\" srcset=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/trusted-root-certificates.png?w=505&amp;quality=100&amp;strip=all&amp;ssl=1 505w, https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/trusted-root-certificates.png?resize=300%2C277&amp;quality=100&amp;strip=all&amp;ssl=1 300w\" sizes=\"(max-width: 505px) 100vw, 505px\" \/><\/figure><\/div>\n\n\n<p>So, when you connect to a website using your browser, it checks if its certificate was signed by a root certificate that belongs to its root store. New root certificates are added or deleted to the root store with each browser update.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"750\" height=\"468\" src=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/HTTPS-browser-valid-certificate.png?resize=750%2C468&#038;quality=100&#038;strip=all&#038;ssl=1\" alt=\"HTTPS client server interaction with valid certificate\" class=\"wp-image-121269\" srcset=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/HTTPS-browser-valid-certificate.png?w=750&amp;quality=100&amp;strip=all&amp;ssl=1 750w, https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/HTTPS-browser-valid-certificate.png?resize=300%2C187&amp;quality=100&amp;strip=all&amp;ssl=1 300w\" sizes=\"(max-width: 750px) 100vw, 750px\" \/><\/figure><\/div>\n\n\n<p>When you&#8217;re using an ESP32, you need to upload the certificates that you trust to your board. Usually, you&#8217;ll add only the certificate for the server you&#8217;ll want to connect to. <\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"750\" height=\"354\" src=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/ESP32-check-server-certificate.png?resize=750%2C354&#038;quality=100&#038;strip=all&#038;ssl=1\" alt=\"ESP32 Check server certificate for secure connection\" class=\"wp-image-121503\" srcset=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/ESP32-check-server-certificate.png?w=750&amp;quality=100&amp;strip=all&amp;ssl=1 750w, https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/ESP32-check-server-certificate.png?resize=300%2C142&amp;quality=100&amp;strip=all&amp;ssl=1 300w\" sizes=\"(max-width: 750px) 100vw, 750px\" \/><\/figure><\/div>\n\n\n<p>But, it&#8217;s also possible to upload a root store to your board to have more options, and don&#8217;t have to worry about searching for a specific website&#8217;s certificate.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"certificate-chain\">Certificate Chain<\/h3>\n\n\n\n<p>An SSL certificate is part of an SSL certificate chain. <strong>What is a certificate chain?<\/strong><\/p>\n\n\n\n<p>A certificate chain includes the following:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>root certificate (from a Certificate Authority);<\/li>\n\n\n\n<li>one or more intermediate certificates;<\/li>\n\n\n\n<li>the server certificate.<\/li>\n<\/ul>\n\n\n\n<p>The server certificate is what makes your browser show a secure padlock icon when you visit a website. It means the server has a <strong>valid<\/strong> SSL\/TLS certificate and all the connections with the website are encrypted. A valid SSL\/TLS certificate is a certificate trusted by your browser. What makes it trustable?<\/p>\n\n\n\n<p>As we&#8217;ve mentioned previously, SSL\/TLS certificates are issued by Certificate Authorities. However, these authorities don&#8217;t issue certificates directly to websites. They use intermediates that will issue the server certificate (<strong>Certificate Authority<\/strong> &gt; <strong>Intermediate certificate<\/strong> &gt; <strong>server certificate<\/strong>). The following screenshot shows an example for the Github website. You can see the certificate hierarchy highlighted with a red rectangle.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"546\" height=\"669\" src=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/certificate-hierarchy-github.png?resize=546%2C669&#038;quality=100&#038;strip=all&#038;ssl=1\" alt=\"Certificate Chain SSL\" class=\"wp-image-121500\" srcset=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/certificate-hierarchy-github.png?w=546&amp;quality=100&amp;strip=all&amp;ssl=1 546w, https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/certificate-hierarchy-github.png?resize=245%2C300&amp;quality=100&amp;strip=all&amp;ssl=1 245w\" sizes=\"(max-width: 546px) 100vw, 546px\" \/><\/figure><\/div>\n\n\n<p>Your browser checks this certificate chain until it finds the root certificate. If that certificate is in the browser&#8217;s root store, then it considers the certificate to be valid. In this case, the DigiCert Global Root CA is in the browser&#8217;s root store. So, it will display the &#8220;secure&#8221; icon on the browser bar.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"456\" height=\"134\" src=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/github-secure-icon.png?resize=456%2C134&#038;quality=100&#038;strip=all&#038;ssl=1\" alt=\"github secure icon\" class=\"wp-image-121502\" srcset=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/github-secure-icon.png?w=456&amp;quality=100&amp;strip=all&amp;ssl=1 456w, https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/github-secure-icon.png?resize=300%2C88&amp;quality=100&amp;strip=all&amp;ssl=1 300w\" sizes=\"(max-width: 456px) 100vw, 456px\" \/><\/figure><\/div>\n\n\n<p>The following diagram shows a high-level overview of how it works.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"750\" height=\"395\" src=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/12\/certificate-chain-f_certificate-chain.png?resize=750%2C395&#038;quality=100&#038;strip=all&#038;ssl=1\" alt=\"certificate chain example\" class=\"wp-image-123943\" srcset=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/12\/certificate-chain-f_certificate-chain.png?w=750&amp;quality=100&amp;strip=all&amp;ssl=1 750w, https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/12\/certificate-chain-f_certificate-chain.png?resize=300%2C158&amp;quality=100&amp;strip=all&amp;ssl=1 300w\" sizes=\"(max-width: 750px) 100vw, 750px\" \/><\/figure><\/div>\n\n\n<p><strong>In summary:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>root certificate<\/strong>: it&#8217;s a self-signed certificate issued by a Certificate Authority. The private key of this certificate is used to sign the next certificate in the hierarchy of certificates. Root certificates are loaded in the trust stores of browsers and operating systems.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>intermediate certificate<\/strong>: it&#8217;s signed by the private key of the root certificate. The private key of the intermediate certificate is the one that signs the server certificate. There can be more than one intermediate certificate.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>server certificate<\/strong>: this certificate is issued to a specific domain name on a server. It&#8217;s signed by the intermediate certificate private key. If it is valid (trustable certificate chain), the browser displays a secure padlock badge on the search bar next to the website domain.<\/li>\n<\/ul>\n\n\n\n<p>With the ESP32, to check the validity of a server, you can load any of those certificates: root, intermediate, or server certificate.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"certification-expiration-date\">Certificates Expiration Date<\/h3>\n\n\n\n<p>SSL\/TLS certificates have an expiry date. You can check on a browser the expiry date of the certificate for a particular server. The server&#8217;s certificate usually has a short-term validity.<\/p>\n\n\n\n<p>So, if you want to use it in your ESP32 projects, you&#8217;ll need to update your code quite frequently. If you want your code to run for years without worrying, you can use the website&#8217;s root certificate, which usually has a validity of five to ten years or more.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"getting-server-certificate\">Getting a Server&#8217;s Certificate<\/h2>\n\n\n\n<p>There are different ways to get the server&#8217;s certificate. One of the easiest ways is to download the certificate directly from your browser. You can also use <a href=\"https:\/\/www.openssl.org\/\" target=\"_blank\" rel=\"noopener\">OpenSSL <\/a>and get all the certificate information you need using the command line (we won&#8217;t cover this method in this tutorial). <\/p>\n\n\n\n<p>In this section, you&#8217;ll learn how to get the server&#8217;s certificate. We&#8217;ll generally use the root certificate, but you can use any of the other certificates on the certificate chain\u2014you just need to be aware of the certificate expiry date.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"getting-server-certificate-google-chrome\">Getting a Server&#8217;s Certificate using Google Chrome<\/h3>\n\n\n\n<p>In this section, we&#8217;ll show you how to get the certificate for a server using Google Chrome (that&#8217;s the web browser we use more often). Instructions for other web browsers should be similar.<\/p>\n\n\n\n<p>One of the examples we&#8217;ll use later is to make an HTTPS request to the howmyssl.com website. So, for demonstration purposes, we&#8217;ll show you how to get its root certificate. It is similar for other websites.<\/p>\n\n\n\n<p><strong>How to Get Websites&#8217;s Certificate using Google Chrome?<\/strong><\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Go to the website that you want to get the certificate for.<\/li>\n<\/ol>\n\n\n\n<ol start=\"2\"><li>Click on the padlock icon and then click on <strong>Show connection details<\/strong>.<\/li><\/ol>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"719\" height=\"372\" src=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/google-chrome-get-website-certificate-1.png?resize=719%2C372&#038;quality=100&#038;strip=all&#038;ssl=1\" alt=\"get website ssl certificate\" class=\"wp-image-121512\" srcset=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/google-chrome-get-website-certificate-1.png?w=719&amp;quality=100&amp;strip=all&amp;ssl=1 719w, https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/google-chrome-get-website-certificate-1.png?resize=300%2C155&amp;quality=100&amp;strip=all&amp;ssl=1 300w\" sizes=\"(max-width: 719px) 100vw, 719px\" \/><\/figure><\/div>\n\n\n<ol start=\"3\"><li>Then, click on <strong>Show certificate<\/strong>.<\/li><\/ol>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"719\" height=\"372\" src=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/google-chrome-get-website-certificate-2.png?resize=719%2C372&#038;quality=100&#038;strip=all&#038;ssl=1\" alt=\"show certificate google chrome\" class=\"wp-image-121514\" srcset=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/google-chrome-get-website-certificate-2.png?w=719&amp;quality=100&amp;strip=all&amp;ssl=1 719w, https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/google-chrome-get-website-certificate-2.png?resize=300%2C155&amp;quality=100&amp;strip=all&amp;ssl=1 300w\" sizes=\"(max-width: 719px) 100vw, 719px\" \/><\/figure><\/div>\n\n\n<ol start=\"4\"><li>A new window will open the all the information about the website&#8217;s certificate. Click on the Details tab, make sure you select the root certificate (that&#8217;s what we&#8217;re looking for in this example), then click on <strong>Export&#8230;<\/strong><\/li><\/ol>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"546\" height=\"668\" src=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/google-chrome-get-website-certificate-3.png?resize=546%2C668&#038;quality=100&#038;strip=all&#038;ssl=1\" alt=\"ssl certificate details\" class=\"wp-image-121515\" srcset=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/google-chrome-get-website-certificate-3.png?w=546&amp;quality=100&amp;strip=all&amp;ssl=1 546w, https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/google-chrome-get-website-certificate-3.png?resize=245%2C300&amp;quality=100&amp;strip=all&amp;ssl=1 245w\" sizes=\"(max-width: 546px) 100vw, 546px\" \/><\/figure><\/div>\n\n\n<ol start=\"5\"><li>Select a place on your computer to save the certificate. Save it on the default format: <span class=\"rnthl rntliteral\">Base64-encoded ASCII, single certificate (*.pem, .crt)<\/span>.  And that&#8217;s it. <\/li><\/ol>\n\n\n\n<p>You can double-click on the certificate to check it&#8217;s details, including the expiration date.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"405\" height=\"515\" src=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/certificate-information.png?resize=405%2C515&#038;quality=100&#038;strip=all&#038;ssl=1\" alt=\"all the ssl certificate information\" class=\"wp-image-121517\" srcset=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/certificate-information.png?w=405&amp;quality=100&amp;strip=all&amp;ssl=1 405w, https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/certificate-information.png?resize=236%2C300&amp;quality=100&amp;strip=all&amp;ssl=1 236w\" sizes=\"(max-width: 405px) 100vw, 405px\" \/><\/figure><\/div>\n\n\n<p>Open the certificate using Notepad or other similar software. You should get something similar as shown below.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"615\" height=\"805\" src=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/root-certificate-notepad.png?resize=615%2C805&#038;quality=100&#038;strip=all&#038;ssl=1\" alt=\"certificate notepad\" class=\"wp-image-121518\" srcset=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/root-certificate-notepad.png?w=615&amp;quality=100&amp;strip=all&amp;ssl=1 615w, https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/root-certificate-notepad.png?resize=229%2C300&amp;quality=100&amp;strip=all&amp;ssl=1 229w\" sizes=\"(max-width: 615px) 100vw, 615px\" \/><\/figure><\/div>\n\n\n<p>We need to convert this to Arduino multi-line string, so that we can use it in our sketch. Basically, you need to add a <span class=\"rnthl rntliteral\">&#8220;<\/span> at the beginning of each line and a <span class=\"rnthl rntliteral\">\\n&#8221; \\<\/span> at the end of each line, except the last line that you should add <span class=\"rnthl rntliteral\">\\n&#8221;<\/span>. So, you&#8217;ll get something as shown below: <\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"653\" height=\"824\" src=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/certificate-multiline-string.png?resize=653%2C824&#038;quality=100&#038;strip=all&#038;ssl=1\" alt=\"certificate multi line string\" class=\"wp-image-121519\" srcset=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/certificate-multiline-string.png?w=653&amp;quality=100&amp;strip=all&amp;ssl=1 653w, https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/certificate-multiline-string.png?resize=238%2C300&amp;quality=100&amp;strip=all&amp;ssl=1 238w\" sizes=\"(max-width: 653px) 100vw, 653px\" \/><\/figure><\/div>\n\n\n<h2 class=\"wp-block-heading\">HTTPS Requests with the ESP32<\/h2>\n\n\n\n<p>Now that you know all the major important aspects of certificates and how to get a server&#8217;s certificate, let&#8217;s finally take a look at how to make HTTPS requests on the ESP32 using the Arduino core. We&#8217;ll cover different methods using two different libraries: <span class=\"rnthl rntliteral\">WiFiClientSecure<\/span> and <span class=\"rnthl rntliteral\">HTTPClient<\/span>.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"750\" height=\"320\" src=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/ESP32-HTTPS-Requests.png?resize=750%2C320&#038;quality=100&#038;strip=all&#038;ssl=1\" alt=\"HTTPS Requests with the ESP32\" class=\"wp-image-121362\" srcset=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/ESP32-HTTPS-Requests.png?w=750&amp;quality=100&amp;strip=all&amp;ssl=1 750w, https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/ESP32-HTTPS-Requests.png?resize=300%2C128&amp;quality=100&amp;strip=all&amp;ssl=1 300w\" sizes=\"(max-width: 750px) 100vw, 750px\" \/><\/figure><\/div>\n\n\n<h2 class=\"wp-block-heading\" id=\"esp32-https-requests-wificlientsecure\">ESP32 HTTPS Requests using WiFiClientSecure Library<\/h2>\n\n\n\n<p>You can find a simple example showing how to make HTTPS requests with the WiFiClientSecure library on your Arduino IDE.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"esp32-https-requests-wificlientsecure-certificate\">ESP32 HTTPS Requests with Certificate<\/h3>\n\n\n\n<p>Make sure you have an ESP32 board selected in <strong>Tools <\/strong>&gt; <strong>Board<\/strong>. Then, go to <strong>File <\/strong>&gt; <strong>Examples<\/strong> &gt; <strong>WiFiClientSecure <\/strong>&gt; <strong>WiFiClientSecure<\/strong>.<\/p>\n\n\n\n<p>You can modify the following code with the certificate we got from the previous steps, which is valid until 2035.<\/p>\n\n\n<pre style=\"max-height: 40em; margin-bottom: 20px;\"><code class=\"language-c\">\/*\r\n  Complete project details: https:\/\/RandomNerdTutorials.com\/esp32-https-requests\/\r\n  \r\n  Wifi secure connection example for ESP32 - Running on TLS 1.2 using mbedTLS\r\n  Suporting the following chipersuites:\r\n  &quot;TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384&quot;,&quot;TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384&quot;,&quot;TLS_DHE_RSA_WITH_AES_256_GCM_SHA384&quot;,&quot;TLS_ECDHE_ECDSA_WITH_AES_256_CCM&quot;,&quot;TLS_DHE_RSA_WITH_AES_256_CCM&quot;,&quot;TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384&quot;,&quot;TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384&quot;,&quot;TLS_DHE_RSA_WITH_AES_256_CBC_SHA256&quot;,&quot;TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA&quot;,&quot;TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA&quot;,&quot;TLS_DHE_RSA_WITH_AES_256_CBC_SHA&quot;,&quot;TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8&quot;,&quot;TLS_DHE_RSA_WITH_AES_256_CCM_8&quot;,&quot;TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384&quot;,&quot;TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384&quot;,&quot;TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384&quot;,&quot;TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384&quot;,&quot;TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384&quot;,&quot;TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256&quot;,&quot;TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA&quot;,&quot;TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256&quot;,&quot;TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256&quot;,&quot;TLS_DHE_RSA_WITH_AES_128_GCM_SHA256&quot;,&quot;TLS_ECDHE_ECDSA_WITH_AES_128_CCM&quot;,&quot;TLS_DHE_RSA_WITH_AES_128_CCM&quot;,&quot;TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256&quot;,&quot;TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256&quot;,&quot;TLS_DHE_RSA_WITH_AES_128_CBC_SHA256&quot;,&quot;TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA&quot;,&quot;TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA&quot;,&quot;TLS_DHE_RSA_WITH_AES_128_CBC_SHA&quot;,&quot;TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8&quot;,&quot;TLS_DHE_RSA_WITH_AES_128_CCM_8&quot;,&quot;TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256&quot;,&quot;TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256&quot;,&quot;TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256&quot;,&quot;TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256&quot;,&quot;TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256&quot;,&quot;TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256&quot;,&quot;TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA&quot;,&quot;TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA&quot;,&quot;TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA&quot;,&quot;TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA&quot;,&quot;TLS_DHE_PSK_WITH_AES_256_GCM_SHA384&quot;,&quot;TLS_DHE_PSK_WITH_AES_256_CCM&quot;,&quot;TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384&quot;,&quot;TLS_DHE_PSK_WITH_AES_256_CBC_SHA384&quot;,&quot;TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA&quot;,&quot;TLS_DHE_PSK_WITH_AES_256_CBC_SHA&quot;,&quot;TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384&quot;,&quot;TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384&quot;,&quot;TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384&quot;,&quot;TLS_PSK_DHE_WITH_AES_256_CCM_8&quot;,&quot;TLS_DHE_PSK_WITH_AES_128_GCM_SHA256&quot;,&quot;TLS_DHE_PSK_WITH_AES_128_CCM&quot;,&quot;TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256&quot;,&quot;TLS_DHE_PSK_WITH_AES_128_CBC_SHA256&quot;,&quot;TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA&quot;,&quot;TLS_DHE_PSK_WITH_AES_128_CBC_SHA&quot;,&quot;TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256&quot;,&quot;TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256&quot;,&quot;TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256&quot;,&quot;TLS_PSK_DHE_WITH_AES_128_CCM_8&quot;,&quot;TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA&quot;,&quot;TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA&quot;,&quot;TLS_RSA_WITH_AES_256_GCM_SHA384&quot;,&quot;TLS_RSA_WITH_AES_256_CCM&quot;,&quot;TLS_RSA_WITH_AES_256_CBC_SHA256&quot;,&quot;TLS_RSA_WITH_AES_256_CBC_SHA&quot;,&quot;TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384&quot;,&quot;TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384&quot;,&quot;TLS_ECDH_RSA_WITH_AES_256_CBC_SHA&quot;,&quot;TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384&quot;,&quot;TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384&quot;,&quot;TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA&quot;,&quot;TLS_RSA_WITH_AES_256_CCM_8&quot;,&quot;TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384&quot;,&quot;TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256&quot;,&quot;TLS_RSA_WITH_CAMELLIA_256_CBC_SHA&quot;,&quot;TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384&quot;,&quot;TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384&quot;,&quot;TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384&quot;,&quot;TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384&quot;,&quot;TLS_RSA_WITH_AES_128_GCM_SHA256&quot;,&quot;TLS_RSA_WITH_AES_128_CCM&quot;,&quot;TLS_RSA_WITH_AES_128_CBC_SHA256&quot;,&quot;TLS_RSA_WITH_AES_128_CBC_SHA&quot;,&quot;TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256&quot;,&quot;TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256&quot;,&quot;TLS_ECDH_RSA_WITH_AES_128_CBC_SHA&quot;,&quot;TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256&quot;,&quot;TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256&quot;,&quot;TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA&quot;,&quot;TLS_RSA_WITH_AES_128_CCM_8&quot;,&quot;TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256&quot;,&quot;TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256&quot;,&quot;TLS_RSA_WITH_CAMELLIA_128_CBC_SHA&quot;,&quot;TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256&quot;,&quot;TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256&quot;,&quot;TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256&quot;,&quot;TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256&quot;,&quot;TLS_RSA_WITH_3DES_EDE_CBC_SHA&quot;,&quot;TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA&quot;,&quot;TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA&quot;,&quot;TLS_RSA_PSK_WITH_AES_256_GCM_SHA384&quot;,&quot;TLS_RSA_PSK_WITH_AES_256_CBC_SHA384&quot;,&quot;TLS_RSA_PSK_WITH_AES_256_CBC_SHA&quot;,&quot;TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384&quot;,&quot;TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384&quot;,&quot;TLS_RSA_PSK_WITH_AES_128_GCM_SHA256&quot;,&quot;TLS_RSA_PSK_WITH_AES_128_CBC_SHA256&quot;,&quot;TLS_RSA_PSK_WITH_AES_128_CBC_SHA&quot;,&quot;TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256&quot;,&quot;TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256&quot;,&quot;TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA&quot;,&quot;TLS_PSK_WITH_AES_256_GCM_SHA384&quot;,&quot;TLS_PSK_WITH_AES_256_CCM&quot;,&quot;TLS_PSK_WITH_AES_256_CBC_SHA384&quot;,&quot;TLS_PSK_WITH_AES_256_CBC_SHA&quot;,&quot;TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384&quot;,&quot;TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384&quot;,&quot;TLS_PSK_WITH_AES_256_CCM_8&quot;,&quot;TLS_PSK_WITH_AES_128_GCM_SHA256&quot;,&quot;TLS_PSK_WITH_AES_128_CCM&quot;,&quot;TLS_PSK_WITH_AES_128_CBC_SHA256&quot;,&quot;TLS_PSK_WITH_AES_128_CBC_SHA&quot;,&quot;TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256&quot;,&quot;TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256&quot;,&quot;TLS_PSK_WITH_AES_128_CCM_8&quot;,&quot;TLS_PSK_WITH_3DES_EDE_CBC_SHA&quot;,&quot;TLS_EMPTY_RENEGOTIATION_INFO_SCSV&quot;]\r\n  2017 - Evandro Copercini - Apache 2.0 License.\r\n*\/\r\n\r\n#include &lt;Arduino.h&gt;\r\n#include &lt;WiFi.h&gt;\r\n#include &lt;WiFiClientSecure.h&gt;\r\n\r\nconst char* ssid = &quot;REPLACE_WITH_YOUR_SSID&quot;;\r\nconst char* password = &quot;REPLACE_WITH_YOUR_PASSWORD&quot;;\r\n\r\nconst char*  server = &quot;www.howsmyssl.com&quot;;  \/\/ Server URL\r\n\r\n\/\/ www.howsmyssl.com root certificate authority, to verify the server\r\n\/\/ change it to your server root CA\r\n\/\/ SHA1 fingerprint is broken now!\r\n\r\nconst char* test_root_ca= \\\r\n  &quot;-----BEGIN CERTIFICATE-----\\n&quot; \\\r\n  &quot;MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw\\n&quot; \\\r\n  &quot;TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\\n&quot; \\\r\n  &quot;cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4\\n&quot; \\\r\n  &quot;WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu\\n&quot; \\\r\n  &quot;ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY\\n&quot; \\\r\n  &quot;MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc\\n&quot; \\\r\n  &quot;h77ct984kIxuPOZXoHj3dcKi\/vVqbvYATyjb3miGbESTtrFj\/RQSa78f0uoxmyF+\\n&quot; \\\r\n  &quot;0TM8ukj13Xnfs7j\/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U\\n&quot; \\\r\n  &quot;A5\/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW\\n&quot; \\\r\n  &quot;T8KOEUt+zwvo\/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm\/ELNKjD+Jo2FR3qyH\\n&quot; \\\r\n  &quot;B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC\\n&quot; \\\r\n  &quot;B5iPNgiV5+I3lg02dZ77DnKxHZu8A\/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv\\n&quot; \\\r\n  &quot;KBds0pjBqAlkd25HN7rOrFleaJ1\/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn\\n&quot; \\\r\n  &quot;OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn\\n&quot; \\\r\n  &quot;jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw\\n&quot; \\\r\n  &quot;qHyGO0aoSCqI3Haadr8faqU9GY\/rOPNk3sgrDQoo\/\/fb4hVC1CLQJ13hef4Y53CI\\n&quot; \\\r\n  &quot;rU7m2Ys6xt0nUW7\/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB\/wQEAwIBBjAPBgNV\\n&quot; \\\r\n  &quot;HRMBAf8EBTADAQH\/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq\\n&quot; \\\r\n  &quot;hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS\/V9lZL\\n&quot; \\\r\n  &quot;ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ\\n&quot; \\\r\n  &quot;3BebYhtF8GaV0nxvwuo77x\/Py9auJ\/GpsMiu\/X1+mvoiBOv\/2X\/qkSsisRcOj\/KK\\n&quot; \\\r\n  &quot;NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5\\n&quot; \\\r\n  &quot;ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur\\n&quot; \\\r\n  &quot;TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+\/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC\\n&quot; \\\r\n  &quot;jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc\\n&quot; \\\r\n  &quot;oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0\/1lvh+wjChP4kqKOJ2qxq\\n&quot; \\\r\n  &quot;4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U\/t7y0Ff\/9yi0GE44Za4rF2LN9d11TPA\\n&quot; \\\r\n  &quot;mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc\/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d\\n&quot; \\\r\n  &quot;emyPxgcYxn\/eR44\/KJ4EBs+lVDR3veyJm+kXQ99b21\/+jh5Xos1AnX5iItreGCc=\\n&quot; \\\r\n  &quot;-----END CERTIFICATE-----\\n&quot;; \r\n\r\n\/\/ You can use x.509 client certificates if you want\r\n\/\/const char* test_client_key = &quot;&quot;;   \/\/to verify the client\r\n\/\/const char* test_client_cert = &quot;&quot;;  \/\/to verify the client\r\n\r\n\r\nWiFiClientSecure client;\r\n\r\nvoid setup() {\r\n  \/\/Initialize serial and wait for port to open:\r\n  Serial.begin(115200);\r\n  delay(100);\r\n\r\n  Serial.print(&quot;Attempting to connect to SSID: &quot;);\r\n  Serial.println(ssid);\r\n  WiFi.begin(ssid, password);\r\n\r\n  \/\/ attempt to connect to Wifi network:\r\n  while (WiFi.status() != WL_CONNECTED) {\r\n    Serial.print(&quot;.&quot;);\r\n    \/\/ wait 1 second for re-trying\r\n    delay(1000);\r\n  }\r\n\r\n  Serial.print(&quot;Connected to &quot;);\r\n  Serial.println(ssid);\r\n\r\n  client.setCACert(test_root_ca);\r\n  \/\/client.setCertificate(test_client_cert); \/\/ for client verification\r\n  \/\/client.setPrivateKey(test_client_key);\t\/\/ for client verification\r\n\r\n  Serial.println(&quot;\\nStarting connection to server...&quot;);\r\n  if (!client.connect(server, 443))\r\n    Serial.println(&quot;Connection failed!&quot;);\r\n  else {\r\n    Serial.println(&quot;Connected to server!&quot;);\r\n    \/\/ Make a HTTP request:\r\n    client.println(&quot;GET https:\/\/www.howsmyssl.com\/a\/check HTTP\/1.0&quot;);\r\n    client.println(&quot;Host: www.howsmyssl.com&quot;);\r\n    client.println(&quot;Connection: close&quot;);\r\n    client.println();\r\n\r\n    while (client.connected()) {\r\n      String line = client.readStringUntil('\\n');\r\n      if (line == &quot;\\r&quot;) {\r\n        Serial.println(&quot;headers received&quot;);\r\n        break;\r\n      }\r\n    }\r\n    \/\/ if there are incoming bytes available\r\n    \/\/ from the server, read them and print them:\r\n    while (client.available()) {\r\n      char c = client.read();\r\n      Serial.write(c);\r\n    }\r\n\r\n    client.stop();\r\n  }\r\n}\r\n\r\nvoid loop() {\r\n  \/\/ do nothing\r\n}\r\n<\/code><\/pre>\n\t<p style=\"text-align:center\"><a class=\"rntwhite\" href=\"https:\/\/github.com\/RuiSantosdotme\/Random-Nerd-Tutorials\/raw\/master\/Projects\/ESP32\/ESP32_HTTPS\/ESP32_WiFiClientSecure_Certificate\/ESP32_WiFiClientSecure_Certificate.ino\" target=\"_blank\">View raw code<\/a><\/p>\n\n\n\n<p>This example establishes a secure connection with the <span class=\"rnthl rntliteral\">www.howsmyssl.com<\/span> website and checks its certificate to ensure we&#8217;re connected to the server that we expect.<\/p>\n\n\n\n<p>If you&#8217;re used to making HTTP requests with the ESP32 using the <span class=\"rnthl rntliteral\">WiFiClient<\/span> library, this example is not much different.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">How does the Code Work?<\/h4>\n\n\n\n<p>You need to include the <span class=\"rnthl rntliteral\">WiFiClientSecure<\/span> library.<\/p>\n\n\n\n<pre class=\"wp-block-code language-c\"><code>#include &lt;WiFiClientSecure.h&gt;<\/code><\/pre>\n\n\n\n<p>Insert your network credentials in the following lines.<\/p>\n\n\n\n<pre class=\"wp-block-code language-c\"><code>const char* ssid     = \"REPLACE_WITH_YOUR_SSID\";     \/\/ your network SSID (name of wifi network)\nconst char* password = \"REPLACE_WITH_YOUR_PASSWORD\"; \/\/ your network password<\/code><\/pre>\n\n\n\n<p>Insert the server URL. In this case, we&#8217;ll make a request to <span class=\"rnthl rntliteral\">www.howsmyssl.com<\/span>. This website will return how good the SSL of the client is (in this case, the ESP32).<\/p>\n\n\n\n<pre class=\"wp-block-code language-c\"><code>const char*  server = \"www.howsmyssl.com\";  \/\/ Server URL<\/code><\/pre>\n\n\n\n<p>Then, you need to insert the server certificate. We&#8217;re using the root certificate.<\/p>\n\n\n\n<pre class=\"wp-block-code language-c\"><code>const char* test_root_ca= \\\n     \"-----BEGIN CERTIFICATE-----\\n\" \\\n     \"MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw\\n\" \\\n     \"TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\\n\" \\\n     \"cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4\\n\" \\\n     \"WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu\\n\" \\\n     \"ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY\\n\" \\\n     \"MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc\\n\" \\\n     \"h77ct984kIxuPOZXoHj3dcKi\/vVqbvYATyjb3miGbESTtrFj\/RQSa78f0uoxmyF+\\n\" \\\n     \"0TM8ukj13Xnfs7j\/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U\\n\" \\\n     \"A5\/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW\\n\" \\\n     \"T8KOEUt+zwvo\/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm\/ELNKjD+Jo2FR3qyH\\n\" \\\n     \"B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC\\n\" \\\n     \"B5iPNgiV5+I3lg02dZ77DnKxHZu8A\/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv\\n\" \\\n     \"KBds0pjBqAlkd25HN7rOrFleaJ1\/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn\\n\" \\\n     \"OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn\\n\" \\\n     \"jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw\\n\" \\\n     \"qHyGO0aoSCqI3Haadr8faqU9GY\/rOPNk3sgrDQoo\/\/fb4hVC1CLQJ13hef4Y53CI\\n\" \\\n     \"rU7m2Ys6xt0nUW7\/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB\/wQEAwIBBjAPBgNV\\n\" \\\n     \"HRMBAf8EBTADAQH\/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq\\n\" \\\n     \"hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS\/V9lZL\\n\" \\\n     \"ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ\\n\" \\\n     \"3BebYhtF8GaV0nxvwuo77x\/Py9auJ\/GpsMiu\/X1+mvoiBOv\/2X\/qkSsisRcOj\/KK\\n\" \\\n     \"NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5\\n\" \\\n     \"ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur\\n\" \\\n     \"TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+\/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC\\n\" \\\n     \"jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc\\n\" \\\n     \"oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0\/1lvh+wjChP4kqKOJ2qxq\\n\" \\\n     \"4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U\/t7y0Ff\/9yi0GE44Za4rF2LN9d11TPA\\n\" \\\n     \"mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc\/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d\\n\" \\\n     \"emyPxgcYxn\/eR44\/KJ4EBs+lVDR3veyJm+kXQ99b21\/+jh5Xos1AnX5iItreGCc=\\n\" \\\n     \"-----END CERTIFICATE-----\\n\";<\/code><\/pre>\n\n\n\n<p>Create a new client called <span class=\"rnthl rntliteral\">client<\/span> using <span class=\"rnthl rntliteral\">WiFiClient<\/span> secure.<\/p>\n\n\n\n<pre class=\"wp-block-code language-c\"><code>WiFiClientSecure client;<\/code><\/pre>\n\n\n\n<p>In the <span class=\"rnthl rntliteral\">setup()<\/span>, initialize the Serial Monitor and connect to your network.<\/p>\n\n\n\n<pre class=\"wp-block-code language-c\"><code>\/\/Initialize serial and wait for port to open:\nSerial.begin(115200);\ndelay(100);\n\nSerial.print(\"Attempting to connect to SSID: \");\nSerial.println(ssid);\nWiFi.begin(ssid, password);\n\n\/\/ attempt to connect to Wifi network:\nwhile (WiFi.status() != WL_CONNECTED) {\n  Serial.print(\".\");\n  \/\/ wait 1 second for re-trying\n  delay(1000);\n}\n\nSerial.print(\"Connected to \");\nSerial.println(ssid);<\/code><\/pre>\n\n\n\n<p>The following line set the client certificate using the <span class=\"rnthl rntliteral\">setCACert()<\/span> method on the <span class=\"rnthl rntliteral\">client<\/span>.<\/p>\n\n\n\n<pre class=\"wp-block-code language-c\"><code> client.setCACert(test_root_ca);<\/code><\/pre>\n\n\n\n<p>Then, the client connects to the server. For HTTPS, you need to use port <span class=\"rnthl rntliteral\">443<\/span>.<\/p>\n\n\n\n<pre class=\"wp-block-code language-c\"><code>if (!client.connect(server, 443))\n    Serial.println(\"Connection failed!\");<\/code><\/pre>\n\n\n\n<p>If the connection is successful, we can make the HTTP request. In this case, we&#8217;re making a GET request. Note that you need to use the <span class=\"rnthl rntliteral\">https:\/\/<\/span> before the URL you&#8217;ll make a request to.<\/p>\n\n\n\n<pre class=\"wp-block-code language-c\"><code>  else {\n    Serial.println(\"Connected to server!\");\n    \/\/ Make a HTTP request:\n    client.println(\"GET https:\/\/www.howsmyssl.com\/a\/check HTTP\/1.0\");\n    client.println(\"Host: www.howsmyssl.com\");\n    client.println(\"Connection: close\");\n    client.println();<\/code><\/pre>\n\n\n\n<p>Finally, we get and print the response from the server:<\/p>\n\n\n\n<pre class=\"wp-block-code language-c\"><code>while (client.connected()) {\n      String line = client.readStringUntil('\\n');\n      if (line == \"\\r\") {\n        Serial.println(\"headers received\");\n        break;\n      }\n    }\n    \/\/ if there are incoming bytes available\n    \/\/ from the server, read them and print them:\n    while (client.available()) {\n      char c = client.read();\n      Serial.write(c);\n    }<\/code><\/pre>\n\n\n\n<p>In the end, we close the connection with the client.<\/p>\n\n\n\n<pre class=\"wp-block-code language-c\"><code>client.stop();<\/code><\/pre>\n\n\n\n<p>In this example, we make the request once in the <span class=\"rnthl rntliteral\">setup()<\/span>. The <span class=\"rnthl rntliteral\">loop()<\/span> is empty, but you can add any other tasks that you need in your project. Or, depending on the application, you can make the request on the <span class=\"rnthl rntliteral\">loop()<\/span>.<\/p>\n\n\n\n<pre class=\"wp-block-code language-c\"><code>void loop() {\n  \/\/ do nothing\n}<\/code><\/pre>\n\n\n\n<p>In summary, to make HTTPS requests:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Include the <span class=\"rnthl rntliteral\">WiFiClientSecure<\/span> library;<\/li>\n\n\n\n<li>Create a <span class=\"rnthl rntliteral\">WiFiClientSecure<\/span> client;<\/li>\n\n\n\n<li>Use port <span class=\"rnthl rntliteral\">443<\/span>;<\/li>\n\n\n\n<li>Use the <span class=\"rnthl rntliteral\">setCACert()<\/span> function to set the client certificate.<\/li>\n\n\n\n<li>Use <span class=\"rnthl rntliteral\">https<\/span> on the URL when making the HTTPS request.<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">Demonstration<\/h4>\n\n\n\n<p>Upload the code to your board.<\/p>\n\n\n\n<p>Open the Serial Monitor at a baud rate of 115200 and press the onboard RST button.<\/p>\n\n\n\n<p>You should get something as shown in the following screenshot.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"644\" height=\"413\" src=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/WiFiClientSecure-ESP32-Serial-Monitor.png?resize=644%2C413&#038;quality=100&#038;strip=all&#038;ssl=1\" alt=\"ESP32 WiFiClientSecure example Serial Monitor\" class=\"wp-image-121606\" srcset=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/WiFiClientSecure-ESP32-Serial-Monitor.png?w=644&amp;quality=100&amp;strip=all&amp;ssl=1 644w, https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/WiFiClientSecure-ESP32-Serial-Monitor.png?resize=300%2C192&amp;quality=100&amp;strip=all&amp;ssl=1 300w\" sizes=\"(max-width: 644px) 100vw, 644px\" \/><\/figure><\/div>\n\n\n<p>If you scroll to the right, you&#8217;ll get the result of how secure the connection is. You should get a &#8220;Probably Okay&#8221;.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"644\" height=\"413\" src=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/WiFiClientSecure-ESP32-Serial-Monitor-2.png?resize=644%2C413&#038;quality=100&#038;strip=all&#038;ssl=1\" alt=\"ESP32 WiFiClientSecure example Serial Monitor\" class=\"wp-image-121607\" srcset=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/WiFiClientSecure-ESP32-Serial-Monitor-2.png?w=644&amp;quality=100&amp;strip=all&amp;ssl=1 644w, https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/WiFiClientSecure-ESP32-Serial-Monitor-2.png?resize=300%2C192&amp;quality=100&amp;strip=all&amp;ssl=1 300w\" sizes=\"(max-width: 644px) 100vw, 644px\" \/><\/figure><\/div>\n\n\n<h3 class=\"wp-block-heading\" id=\"esp32-https-requests-wificlientsecure-without-certificate\">ESP32 HTTPS Requests without Certificate<\/h3>\n\n\n\n<p>If you want to skip the SSL server certificate verification, but you still want to have encrypted communication, you can remove the following line:<\/p>\n\n\n\n<pre class=\"wp-block-code language-c\"><code> client.setCACert(test_root_ca);<\/code><\/pre>\n\n\n\n<p>And add the following line before connecting with the client:<\/p>\n\n\n\n<pre class=\"wp-block-code language-c\"><code>client->setInsecure();<\/code><\/pre>\n\n\n\n<p>The complete example can be found below.<\/p>\n\n\n<pre style=\"max-height: 40em; margin-bottom: 20px;\"><code class=\"language-c\">\/*\r\n  Complete project details: https:\/\/RandomNerdTutorials.com\/esp32-https-requests\/\r\n  \r\n  Based on the WiFiClientSecure example HTTPS Requests without Certificate\r\n  Wifi secure connection example for ESP32\r\n  Running on TLS 1.2 using mbedTLS\r\n  Suporting the following chipersuites:\r\n  &quot;TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384&quot;,&quot;TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384&quot;,&quot;TLS_DHE_RSA_WITH_AES_256_GCM_SHA384&quot;,&quot;TLS_ECDHE_ECDSA_WITH_AES_256_CCM&quot;,&quot;TLS_DHE_RSA_WITH_AES_256_CCM&quot;,&quot;TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384&quot;,&quot;TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384&quot;,&quot;TLS_DHE_RSA_WITH_AES_256_CBC_SHA256&quot;,&quot;TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA&quot;,&quot;TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA&quot;,&quot;TLS_DHE_RSA_WITH_AES_256_CBC_SHA&quot;,&quot;TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8&quot;,&quot;TLS_DHE_RSA_WITH_AES_256_CCM_8&quot;,&quot;TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384&quot;,&quot;TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384&quot;,&quot;TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384&quot;,&quot;TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384&quot;,&quot;TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384&quot;,&quot;TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256&quot;,&quot;TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA&quot;,&quot;TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256&quot;,&quot;TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256&quot;,&quot;TLS_DHE_RSA_WITH_AES_128_GCM_SHA256&quot;,&quot;TLS_ECDHE_ECDSA_WITH_AES_128_CCM&quot;,&quot;TLS_DHE_RSA_WITH_AES_128_CCM&quot;,&quot;TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256&quot;,&quot;TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256&quot;,&quot;TLS_DHE_RSA_WITH_AES_128_CBC_SHA256&quot;,&quot;TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA&quot;,&quot;TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA&quot;,&quot;TLS_DHE_RSA_WITH_AES_128_CBC_SHA&quot;,&quot;TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8&quot;,&quot;TLS_DHE_RSA_WITH_AES_128_CCM_8&quot;,&quot;TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256&quot;,&quot;TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256&quot;,&quot;TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256&quot;,&quot;TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256&quot;,&quot;TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256&quot;,&quot;TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256&quot;,&quot;TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA&quot;,&quot;TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA&quot;,&quot;TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA&quot;,&quot;TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA&quot;,&quot;TLS_DHE_PSK_WITH_AES_256_GCM_SHA384&quot;,&quot;TLS_DHE_PSK_WITH_AES_256_CCM&quot;,&quot;TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384&quot;,&quot;TLS_DHE_PSK_WITH_AES_256_CBC_SHA384&quot;,&quot;TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA&quot;,&quot;TLS_DHE_PSK_WITH_AES_256_CBC_SHA&quot;,&quot;TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384&quot;,&quot;TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384&quot;,&quot;TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384&quot;,&quot;TLS_PSK_DHE_WITH_AES_256_CCM_8&quot;,&quot;TLS_DHE_PSK_WITH_AES_128_GCM_SHA256&quot;,&quot;TLS_DHE_PSK_WITH_AES_128_CCM&quot;,&quot;TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256&quot;,&quot;TLS_DHE_PSK_WITH_AES_128_CBC_SHA256&quot;,&quot;TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA&quot;,&quot;TLS_DHE_PSK_WITH_AES_128_CBC_SHA&quot;,&quot;TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256&quot;,&quot;TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256&quot;,&quot;TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256&quot;,&quot;TLS_PSK_DHE_WITH_AES_128_CCM_8&quot;,&quot;TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA&quot;,&quot;TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA&quot;,&quot;TLS_RSA_WITH_AES_256_GCM_SHA384&quot;,&quot;TLS_RSA_WITH_AES_256_CCM&quot;,&quot;TLS_RSA_WITH_AES_256_CBC_SHA256&quot;,&quot;TLS_RSA_WITH_AES_256_CBC_SHA&quot;,&quot;TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384&quot;,&quot;TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384&quot;,&quot;TLS_ECDH_RSA_WITH_AES_256_CBC_SHA&quot;,&quot;TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384&quot;,&quot;TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384&quot;,&quot;TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA&quot;,&quot;TLS_RSA_WITH_AES_256_CCM_8&quot;,&quot;TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384&quot;,&quot;TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256&quot;,&quot;TLS_RSA_WITH_CAMELLIA_256_CBC_SHA&quot;,&quot;TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384&quot;,&quot;TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384&quot;,&quot;TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384&quot;,&quot;TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384&quot;,&quot;TLS_RSA_WITH_AES_128_GCM_SHA256&quot;,&quot;TLS_RSA_WITH_AES_128_CCM&quot;,&quot;TLS_RSA_WITH_AES_128_CBC_SHA256&quot;,&quot;TLS_RSA_WITH_AES_128_CBC_SHA&quot;,&quot;TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256&quot;,&quot;TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256&quot;,&quot;TLS_ECDH_RSA_WITH_AES_128_CBC_SHA&quot;,&quot;TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256&quot;,&quot;TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256&quot;,&quot;TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA&quot;,&quot;TLS_RSA_WITH_AES_128_CCM_8&quot;,&quot;TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256&quot;,&quot;TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256&quot;,&quot;TLS_RSA_WITH_CAMELLIA_128_CBC_SHA&quot;,&quot;TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256&quot;,&quot;TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256&quot;,&quot;TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256&quot;,&quot;TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256&quot;,&quot;TLS_RSA_WITH_3DES_EDE_CBC_SHA&quot;,&quot;TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA&quot;,&quot;TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA&quot;,&quot;TLS_RSA_PSK_WITH_AES_256_GCM_SHA384&quot;,&quot;TLS_RSA_PSK_WITH_AES_256_CBC_SHA384&quot;,&quot;TLS_RSA_PSK_WITH_AES_256_CBC_SHA&quot;,&quot;TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384&quot;,&quot;TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384&quot;,&quot;TLS_RSA_PSK_WITH_AES_128_GCM_SHA256&quot;,&quot;TLS_RSA_PSK_WITH_AES_128_CBC_SHA256&quot;,&quot;TLS_RSA_PSK_WITH_AES_128_CBC_SHA&quot;,&quot;TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256&quot;,&quot;TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256&quot;,&quot;TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA&quot;,&quot;TLS_PSK_WITH_AES_256_GCM_SHA384&quot;,&quot;TLS_PSK_WITH_AES_256_CCM&quot;,&quot;TLS_PSK_WITH_AES_256_CBC_SHA384&quot;,&quot;TLS_PSK_WITH_AES_256_CBC_SHA&quot;,&quot;TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384&quot;,&quot;TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384&quot;,&quot;TLS_PSK_WITH_AES_256_CCM_8&quot;,&quot;TLS_PSK_WITH_AES_128_GCM_SHA256&quot;,&quot;TLS_PSK_WITH_AES_128_CCM&quot;,&quot;TLS_PSK_WITH_AES_128_CBC_SHA256&quot;,&quot;TLS_PSK_WITH_AES_128_CBC_SHA&quot;,&quot;TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256&quot;,&quot;TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256&quot;,&quot;TLS_PSK_WITH_AES_128_CCM_8&quot;,&quot;TLS_PSK_WITH_3DES_EDE_CBC_SHA&quot;,&quot;TLS_EMPTY_RENEGOTIATION_INFO_SCSV&quot;]\r\n  2017 - Evandro Copercini - Apache 2.0 License.\r\n*\/\r\n\r\n#include &lt;Arduino.h&gt;\r\n#include &lt;WiFi.h&gt;\r\n#include &lt;WiFiClientSecure.h&gt;\r\n\r\nconst char* ssid = &quot;REPLACE_WITH_YOUR_SSID&quot;;\r\nconst char* password = &quot;REPLACE_WITH_YOUR_PASSWORD&quot;;\r\n\r\nconst char*  server = &quot;www.howsmyssl.com&quot;;  \/\/ Server URL\r\n\r\nWiFiClientSecure client;\r\n\r\nvoid setup() {\r\n  \/\/Initialize serial and wait for port to open:\r\n  Serial.begin(115200);\r\n  delay(100);\r\n\r\n  Serial.print(&quot;Attempting to connect to SSID: &quot;);\r\n  Serial.println(ssid);\r\n  WiFi.begin(ssid, password);\r\n\r\n  \/\/ attempt to connect to Wifi network:\r\n  while (WiFi.status() != WL_CONNECTED) {\r\n    Serial.print(&quot;.&quot;);\r\n    \/\/ wait 1 second for re-trying\r\n    delay(1000);\r\n  }\r\n\r\n  Serial.print(&quot;Connected to &quot;);\r\n  Serial.println(ssid);\r\n\r\n  client.setInsecure();\r\n\r\n  Serial.println(&quot;\\nStarting connection to server...&quot;);\r\n  if (!client.connect(server, 443))\r\n    Serial.println(&quot;Connection failed!&quot;);\r\n  else {\r\n    Serial.println(&quot;Connected to server!&quot;);\r\n    \/\/ Make a HTTP request:\r\n    client.println(&quot;GET https:\/\/www.howsmyssl.com\/a\/check HTTP\/1.0&quot;);\r\n    client.println(&quot;Host: www.howsmyssl.com&quot;);\r\n    client.println(&quot;Connection: close&quot;);\r\n    client.println();\r\n\r\n    while (client.connected()) {\r\n      String line = client.readStringUntil('\\n');\r\n      if (line == &quot;\\r&quot;) {\r\n        Serial.println(&quot;headers received&quot;);\r\n        break;\r\n      }\r\n    }\r\n    \/\/ if there are incoming bytes available\r\n    \/\/ from the server, read them and print them:\r\n    while (client.available()) {\r\n      char c = client.read();\r\n      Serial.write(c);\r\n    }\r\n\r\n    client.stop();\r\n  }\r\n}\r\n\r\nvoid loop() {\r\n  \/\/ do nothing\r\n}\r\n<\/code><\/pre>\n\t<p style=\"text-align:center\"><a class=\"rntwhite\" href=\"https:\/\/github.com\/RuiSantosdotme\/Random-Nerd-Tutorials\/raw\/master\/Projects\/ESP32\/ESP32_HTTPS\/ESP32_WiFiClientSecure_No_Certificate\/ESP32_WiFiClientSecure_No_Certificate.ino\" target=\"_blank\">View raw code<\/a><\/p>\n\n\n\n<p>With this example, your connection is still encrypted, but you won&#8217;t be sure if you&#8217;re talking to the right server. This scenario is useful for testing purposes.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">ESP32 HTTPS Requests with Certificate Bundle<\/h3>\n\n\n\n<p>Instead of just using one certificate, you can use a certificate bundle: a collection of trusted certificates that you can load into your board. Then, you don&#8217;t have to worry about getting the certificate for a specific server.<\/p>\n\n\n\n<p>The <span class=\"rnthl rntliteral\">WiFiClient<\/span> library provides some information about how to use a certificate bundle on the following link:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/github.com\/espressif\/arduino-esp32\/blob\/master\/libraries\/WiFiClientSecure\/README.md#using-a-bundle-of-root-certificate-authority-certificates\" target=\"_blank\" rel=\"noopener\">https:\/\/github.com\/espressif\/arduino-esp32\/blob\/master\/libraries\/WiFiClientSecure\/README.md#using-a-bundle-of-root-certificate-authority-certificates<\/a><\/li>\n<\/ul>\n\n\n\n<p>I followed all the instructions provided, and got the following issue:<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">[  1799][E][ssl_client.cpp:37] _handle_error(): [start_ssl_client():276]: (-12288) X509 - A fatal error occurred, eg the chain is too long or the vrfy callback failed<\/pre>\n\n\n\n<p>If anyone knows how to fix this issue, please share in the comments below.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"esp32-https-requests-httpclient\">ESP32 HTTP Requests using HTTPClient Library<\/h2>\n\n\n\n<p>The HTTPClient library provides a simple example showing how to make HTTPS requests with the ESP32. You can find the example in your Arduino IDE. First, make sure you have an ESP32 board selected in <strong>Tools <\/strong>&gt; <strong>Board<\/strong>. Then, go to <strong>File<\/strong> &gt; <strong>Examples <\/strong>&gt; <strong>HTTPClient <\/strong>&gt; <strong>BasicHttpsClient<\/strong>. We created new sketches based on that example. See the code below.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"esp32-https-requests-httpclient-certificate\">ESP32 HTTPS Requests with Certificate<\/h3>\n\n\n\n<p>The following sketch makes a request to howsmyssl.com like the previous examples but uses the HTTPClient library. It checks the server certificate. We&#8217;ll use the root certificate we&#8217;ve gotten in previous steps.<\/p>\n\n\n<pre style=\"max-height: 40em; margin-bottom: 20px;\"><code class=\"language-c\">\/*\r\n  Complete project details: https:\/\/RandomNerdTutorials.com\/esp32-https-requests\/\r\n  Based on the BasicHTTPSClient.ino example found at Examples &gt; BasicHttpsClient\r\n*\/\r\n\r\n#include &lt;Arduino.h&gt;\r\n#include &lt;WiFi.h&gt;\r\n#include &lt;WiFiClientSecure.h&gt;\r\n#include &lt;HTTPClient.h&gt;\r\n\r\n\/\/ Replace with your network credentials\r\nconst char* ssid = &quot;REPLACE_WITH_YOUR_SSID&quot;;\r\nconst char* password = &quot;REPLACE_WITH_YOUR_PASSWORD&quot;;\r\n\r\n\/\/ www.howsmyssl.com root certificate authority, to verify the server\r\n\/\/ change it to your server root CA\r\nconst char* rootCACertificate = \\\r\n     &quot;-----BEGIN CERTIFICATE-----\\n&quot; \\\r\n     &quot;MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw\\n&quot; \\\r\n     &quot;TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\\n&quot; \\\r\n     &quot;cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4\\n&quot; \\\r\n     &quot;WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu\\n&quot; \\\r\n     &quot;ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY\\n&quot; \\\r\n     &quot;MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc\\n&quot; \\\r\n     &quot;h77ct984kIxuPOZXoHj3dcKi\/vVqbvYATyjb3miGbESTtrFj\/RQSa78f0uoxmyF+\\n&quot; \\\r\n     &quot;0TM8ukj13Xnfs7j\/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U\\n&quot; \\\r\n     &quot;A5\/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW\\n&quot; \\\r\n     &quot;T8KOEUt+zwvo\/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm\/ELNKjD+Jo2FR3qyH\\n&quot; \\\r\n     &quot;B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC\\n&quot; \\\r\n     &quot;B5iPNgiV5+I3lg02dZ77DnKxHZu8A\/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv\\n&quot; \\\r\n     &quot;KBds0pjBqAlkd25HN7rOrFleaJ1\/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn\\n&quot; \\\r\n     &quot;OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn\\n&quot; \\\r\n     &quot;jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw\\n&quot; \\\r\n     &quot;qHyGO0aoSCqI3Haadr8faqU9GY\/rOPNk3sgrDQoo\/\/fb4hVC1CLQJ13hef4Y53CI\\n&quot; \\\r\n     &quot;rU7m2Ys6xt0nUW7\/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB\/wQEAwIBBjAPBgNV\\n&quot; \\\r\n     &quot;HRMBAf8EBTADAQH\/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq\\n&quot; \\\r\n     &quot;hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS\/V9lZL\\n&quot; \\\r\n     &quot;ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ\\n&quot; \\\r\n     &quot;3BebYhtF8GaV0nxvwuo77x\/Py9auJ\/GpsMiu\/X1+mvoiBOv\/2X\/qkSsisRcOj\/KK\\n&quot; \\\r\n     &quot;NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5\\n&quot; \\\r\n     &quot;ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur\\n&quot; \\\r\n     &quot;TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+\/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC\\n&quot; \\\r\n     &quot;jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc\\n&quot; \\\r\n     &quot;oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0\/1lvh+wjChP4kqKOJ2qxq\\n&quot; \\\r\n     &quot;4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U\/t7y0Ff\/9yi0GE44Za4rF2LN9d11TPA\\n&quot; \\\r\n     &quot;mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc\/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d\\n&quot; \\\r\n     &quot;emyPxgcYxn\/eR44\/KJ4EBs+lVDR3veyJm+kXQ99b21\/+jh5Xos1AnX5iItreGCc=\\n&quot; \\\r\n     &quot;-----END CERTIFICATE-----\\n&quot;;\r\n\r\nvoid setup() {\r\n  Serial.begin(115200);\r\n  Serial.println();\r\n  \/\/ Initialize Wi-Fi\r\n  WiFi.mode(WIFI_STA);\r\n  WiFi.begin(ssid, password);\r\n  Serial.print(&quot;Connecting to WiFi ..&quot;);\r\n  while (WiFi.status() != WL_CONNECTED) {\r\n    Serial.print('.');\r\n    delay(1000);\r\n  }\r\n  Serial.println(WiFi.localIP());\r\n}\r\n\r\nvoid loop() {\r\n  WiFiClientSecure *client = new WiFiClientSecure;\r\n  if(client) {\r\n    \/\/ set secure client with certificate\r\n    client-&gt;setCACert(rootCACertificate);\r\n    \/\/create an HTTPClient instance\r\n    HTTPClient https;\r\n\r\n    \/\/Initializing an HTTPS communication using the secure client\r\n    Serial.print(&quot;[HTTPS] begin...\\n&quot;);\r\n    if (https.begin(*client, &quot;https:\/\/www.howsmyssl.com\/a\/check&quot;)) {  \/\/ HTTPS\r\n      Serial.print(&quot;[HTTPS] GET...\\n&quot;);\r\n      \/\/ start connection and send HTTP header\r\n      int httpCode = https.GET();\r\n      \/\/ httpCode will be negative on error\r\n      if (httpCode &gt; 0) {\r\n      \/\/ HTTP header has been send and Server response header has been handled\r\n       Serial.printf(&quot;[HTTPS] GET... code: %d\\n&quot;, httpCode);\r\n      \/\/ file found at server\r\n        if (httpCode == HTTP_CODE_OK || httpCode == HTTP_CODE_MOVED_PERMANENTLY) {\r\n          \/\/ print server response payload\r\n          String payload = https.getString();\r\n          Serial.println(payload);\r\n        }\r\n      }\r\n      else {\r\n        Serial.printf(&quot;[HTTPS] GET... failed, error: %s\\n&quot;, https.errorToString(httpCode).c_str());\r\n      }\r\n      https.end();\r\n    }\r\n  }\r\n  else {\r\n    Serial.printf(&quot;[HTTPS] Unable to connect\\n&quot;);\r\n  }\r\n  Serial.println();\r\n  Serial.println(&quot;Waiting 2min before the next round...&quot;);\r\n  delay(120000);\r\n}\r\n<\/code><\/pre>\n\t<p style=\"text-align:center\"><a class=\"rntwhite\" href=\"https:\/\/github.com\/RuiSantosdotme\/Random-Nerd-Tutorials\/raw\/master\/Projects\/ESP32\/ESP32_HTTPS\/ESP32_BasicHttpsClient_Certificate\/ESP32_BasicHttpsClient_Certificate.ino\" target=\"_blank\">View raw code<\/a><\/p>\n\n\n\n<h4 class=\"wp-block-heading\">How does the Code Work?<\/h4>\n\n\n\n<p>Start by including the required libraries: <span class=\"rnthl rntliteral\">WiFi.h<\/span>, <span class=\"rnthl rntliteral\">WiFiClientSecure.h<\/span>, and <span class=\"rnthl rntliteral\">HTTPClient.h<\/span>.<\/p>\n\n\n\n<pre class=\"wp-block-code language-c\"><code>#include &lt;Arduino.h&gt;\n#include &lt;WiFi.h&gt;\n#include &lt;WiFiClientSecure.h&gt;\n#include &lt;HTTPClient.h&gt;<\/code><\/pre>\n\n\n\n<p>Insert your network credentials in the following lines:<\/p>\n\n\n\n<pre class=\"wp-block-code language-c\"><code>\/\/ Replace with your network credentials\nconst char* ssid = \"REPLACE_WITH_YOUR_SSID\";\nconst char* password = \"REPLACE_WITH_YOUR_PASSWORD\";<\/code><\/pre>\n\n\n\n<p>Next, you need to add the server certificate. We&#8217;re using the root certificate for howsmyssl.com (see previous steps).<\/p>\n\n\n\n<pre class=\"wp-block-code language-c\"><code>const char* rootCACertificate = \\\n     \"-----BEGIN CERTIFICATE-----\\n\" \\\n     \"MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw\\n\" \\\n     \"TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\\n\" \\\n     \"cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4\\n\" \\\n     \"WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu\\n\" \\\n     \"ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY\\n\" \\\n     \"MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc\\n\" \\\n     \"h77ct984kIxuPOZXoHj3dcKi\/vVqbvYATyjb3miGbESTtrFj\/RQSa78f0uoxmyF+\\n\" \\\n     \"0TM8ukj13Xnfs7j\/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U\\n\" \\\n     \"A5\/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW\\n\" \\\n     \"T8KOEUt+zwvo\/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm\/ELNKjD+Jo2FR3qyH\\n\" \\\n     \"B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC\\n\" \\\n     \"B5iPNgiV5+I3lg02dZ77DnKxHZu8A\/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv\\n\" \\\n     \"KBds0pjBqAlkd25HN7rOrFleaJ1\/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn\\n\" \\\n     \"OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn\\n\" \\\n     \"jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw\\n\" \\\n     \"qHyGO0aoSCqI3Haadr8faqU9GY\/rOPNk3sgrDQoo\/\/fb4hVC1CLQJ13hef4Y53CI\\n\" \\\n     \"rU7m2Ys6xt0nUW7\/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB\/wQEAwIBBjAPBgNV\\n\" \\\n     \"HRMBAf8EBTADAQH\/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq\\n\" \\\n     \"hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS\/V9lZL\\n\" \\\n     \"ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ\\n\" \\\n     \"3BebYhtF8GaV0nxvwuo77x\/Py9auJ\/GpsMiu\/X1+mvoiBOv\/2X\/qkSsisRcOj\/KK\\n\" \\\n     \"NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5\\n\" \\\n     \"ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur\\n\" \\\n     \"TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+\/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC\\n\" \\\n     \"jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc\\n\" \\\n     \"oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0\/1lvh+wjChP4kqKOJ2qxq\\n\" \\\n     \"4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U\/t7y0Ff\/9yi0GE44Za4rF2LN9d11TPA\\n\" \\\n     \"mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc\/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d\\n\" \\\n     \"emyPxgcYxn\/eR44\/KJ4EBs+lVDR3veyJm+kXQ99b21\/+jh5Xos1AnX5iItreGCc=\\n\" \\\n     \"-----END CERTIFICATE-----\\n\";<\/code><\/pre>\n\n\n\n<p>In the setup () initialize the Serial Monitor and connect to Wi-Fi.<\/p>\n\n\n\n<pre class=\"wp-block-code language-c\"><code>void setup() {\n  Serial.begin(115200);\n  Serial.println();\n  \/\/ Initialize Wi-Fi\n  WiFi.mode(WIFI_STA);\n  WiFi.begin(ssid, password);\n  Serial.print(\"Connecting to WiFi ..\");\n  while (WiFi.status() != WL_CONNECTED) {\n    Serial.print('.');\n    delay(1000);\n  }\n  Serial.println(WiFi.localIP());\n}<\/code><\/pre>\n\n\n\n<p>In the <span class=\"rnthl rntliteral\">loop()<\/span>, create a pointer to <span class=\"rnthl rntliteral\">WiFiClientSecure<\/span> called <span class=\"rnthl rntliteral\">client<\/span>.<\/p>\n\n\n\n<pre class=\"wp-block-code language-c\"><code> WiFiClientSecure *client = new WiFiClientSecure;<\/code><\/pre>\n\n\n\n<p>Set a secure client with the certificate using the <span class=\"rnthl rntliteral\">setCACert()<\/span> method:<\/p>\n\n\n\n<pre class=\"wp-block-code language-c\"><code> client-&gt;setCACert(rootCACertificate);<\/code><\/pre>\n\n\n\n<p>Then, create an <span class=\"rnthl rntliteral\">HTTPClient<\/span> instance called <span class=\"rnthl rntliteral\">https<\/span>.<\/p>\n\n\n\n<pre class=\"wp-block-code language-c\"><code>\/\/create an HTTPClient instance\nHTTPClient https;<\/code><\/pre>\n\n\n\n<p>Initialize the https client on the host specified using the <span class=\"rnthl rntliteral\">begin()<\/span> method. In this case, we&#8217;re making a request on the following URL: <span class=\"rnthl rntliteral\">https:\/\/www.howsmyssl.com\/a\/check<\/span>.<\/p>\n\n\n\n<pre class=\"wp-block-code language-c\"><code> if (https.begin(*client, \"https:\/\/www.howsmyssl.com\/a\/check\")) {  \/\/ HTTPS<\/code><\/pre>\n\n\n\n<p>Get the server response code.<\/p>\n\n\n\n<pre class=\"wp-block-code language-c\"><code> int httpCode = https.GET();<\/code><\/pre>\n\n\n\n<p>If the response code is a positive number, it means the connection was established successfully, so we can read the response payload using the <span class=\"rnthl rntliteral\">getString()<\/span> method on the <span class=\"rnthl rntliteral\">https<\/span> object. Then, we can print the payload in the Serial Monitor. In a practical application, you can do whatever task you need with the ESP32 depending on the received payload.<\/p>\n\n\n\n<pre class=\"wp-block-code language-c\"><code>if (https.begin(client, \"https:\/\/www.howsmyssl.com\/a\/check\")) {  \/\/ HTTPS\n  Serial.print(\"&#091;HTTPS] GET...\\n\");\n  \/\/ start connection and send HTTP header\n  int httpCode = https.GET();\n  \/\/ httpCode will be negative on error\n  if (httpCode &gt; 0) {\n    \/\/ HTTP header has been send and Server response header has been handled\n    Serial.printf(\"&#091;HTTPS] GET... code: %d\\n\", httpCode);\n    \/\/ file found at server\n    if (httpCode == HTTP_CODE_OK || httpCode == HTTP_CODE_MOVED_PERMANENTLY) {\n      \/\/ print server response payload\n      String payload = https.getString();\n      Serial.println(payload);\n    }\n  }<\/code><\/pre>\n\n\n\n<p>If the response code is a negative number, it means we have an error. We&#8217;ll print the error code.<\/p>\n\n\n\n<pre class=\"wp-block-code language-c\"><code>else {\n   Serial.printf(\"&#091;HTTPS] GET... failed, error: %s\\n\", https.errorToString(httpCode).c_str());\n}<\/code><\/pre>\n\n\n\n<p>Finally, close the HTTPS connection using the <span class=\"rnthl rntliteral\">end()<\/span> method:<\/p>\n\n\n\n<pre class=\"wp-block-code language-c\"><code>https.end();<\/code><\/pre>\n\n\n\n<p>This specific example makes a request every two minutes. You can change it depending on your project requirements.<\/p>\n\n\n\n<pre class=\"wp-block-code language-c\"><code>  Serial.println(\"Waiting 2min before the next round...\");\n  delay(120000);<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\">Demonstration<\/h4>\n\n\n\n<p>You can change the debug level to get more information about what&#8217;s going on in the process. Go to <strong>Tools <\/strong>&gt; <strong>Core Debug Level<\/strong> &gt; <strong>Debug<\/strong>. Then, you can upload the code to the ESP32.<\/p>\n\n\n\n<p>After uploading the code, open the Serial Monitor at a baud rate of 115200. Press the on-board RST board to start running the newly uploaded code. <\/p>\n\n\n\n<p>You should get something similar as shown in the picture below.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"602\" height=\"506\" src=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/ESP32-HTTPS-Client-Demonstration-Serial-Monitor-1.png?resize=602%2C506&#038;quality=100&#038;strip=all&#038;ssl=1\" alt=\"Demonstration HTTPs request ESP32 with response payload\" class=\"wp-image-121788\" srcset=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/ESP32-HTTPS-Client-Demonstration-Serial-Monitor-1.png?w=602&amp;quality=100&amp;strip=all&amp;ssl=1 602w, https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/ESP32-HTTPS-Client-Demonstration-Serial-Monitor-1.png?resize=300%2C252&amp;quality=100&amp;strip=all&amp;ssl=1 300w\" sizes=\"(max-width: 602px) 100vw, 602px\" \/><\/figure><\/div>\n\n\n<p>If you scroll to the right, you&#8217;ll get the result of how secure the connection is. You should get a &#8220;Probably Okay&#8221;.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"esp32-https-requests-httpclient-without-certificate\">ESP32 HTTPS Requests without Certificate<\/h3>\n\n\n\n<p>If you want to skip the SSL server certificate verification, but you still want to have encrypted communication, you can remove the following line:<\/p>\n\n\n\n<pre class=\"wp-block-code language-c\"><code> client.setCACert(test_root_ca);<\/code><\/pre>\n\n\n\n<p>And add the following line before starting the HTTP client:<\/p>\n\n\n\n<pre class=\"wp-block-code language-c\"><code>client.setInsecure();<\/code><\/pre>\n\n\n\n<p>The complete example can be found below.<\/p>\n\n\n<pre style=\"max-height: 40em; margin-bottom: 20px;\"><code class=\"language-c\">\/*\r\n  Complete project details: https:\/\/RandomNerdTutorials.com\/esp32-https-requests\/\r\n  Based on the BasicHTTPSClient.ino example found at Examples &gt; BasicHttpsClient\r\n*\/\r\n\r\n#include &lt;Arduino.h&gt;\r\n#include &lt;WiFi.h&gt;\r\n#include &lt;WiFiClientSecure.h&gt;\r\n#include &lt;HTTPClient.h&gt;\r\n\r\n\/\/ Replace with your network credentials\r\nconst char* ssid = &quot;REPLACE_WITH_YOUR_SSID&quot;;\r\nconst char* password = &quot;REPLACE_WITH_YOUR_PASSWORD&quot;;\r\n\r\nvoid setup() {\r\n  Serial.begin(115200);\r\n  Serial.println();\r\n  \/\/ Initialize Wi-Fi\r\n  WiFi.mode(WIFI_STA);\r\n  WiFi.begin(ssid, password);\r\n  Serial.print(&quot;Connecting to WiFi ..&quot;);\r\n  while (WiFi.status() != WL_CONNECTED) {\r\n    Serial.print('.');\r\n    delay(1000);\r\n  }\r\n  Serial.println(WiFi.localIP());\r\n}\r\n\r\nvoid loop() {\r\n WiFiClientSecure *client = new WiFiClientSecure;\r\n  if(client) {\r\n    \/\/ set secure client without certificate\r\n    client-&gt;setInsecure();\r\n    \/\/create an HTTPClient instance\r\n    HTTPClient https;\r\n\r\n    \/\/Initializing an HTTPS communication using the secure client\r\n    Serial.print(&quot;[HTTPS] begin...\\n&quot;);\r\n    if (https.begin(*client, &quot;https:\/\/www.howsmyssl.com\/a\/check&quot;)) {  \/\/ HTTPS\r\n      Serial.print(&quot;[HTTPS] GET...\\n&quot;);\r\n      \/\/ start connection and send HTTP header\r\n      int httpCode = https.GET();\r\n      \/\/ httpCode will be negative on error\r\n      if (httpCode &gt; 0) {\r\n      \/\/ HTTP header has been send and Server response header has been handled\r\n       Serial.printf(&quot;[HTTPS] GET... code: %d\\n&quot;, httpCode);\r\n      \/\/ file found at server\r\n        if (httpCode == HTTP_CODE_OK || httpCode == HTTP_CODE_MOVED_PERMANENTLY) {\r\n          \/\/ print server response payload\r\n          String payload = https.getString();\r\n          Serial.println(payload);\r\n        }\r\n      }\r\n      else {\r\n        Serial.printf(&quot;[HTTPS] GET... failed, error: %s\\n&quot;, https.errorToString(httpCode).c_str());\r\n      }\r\n      https.end();\r\n    }\r\n  }\r\n  else {\r\n    Serial.printf(&quot;[HTTPS] Unable to connect\\n&quot;);\r\n  }\r\n  Serial.println();\r\n  Serial.println(&quot;Waiting 2min before the next round...&quot;);\r\n  delay(120000);\r\n}\r\n<\/code><\/pre>\n\t<p style=\"text-align:center\"><a class=\"rntwhite\" href=\"https:\/\/github.com\/RuiSantosdotme\/Random-Nerd-Tutorials\/raw\/master\/Projects\/ESP32\/ESP32_HTTPS\/ESP32_HTTPSClient_No_Certificate\/ESP32_HTTPSClient_No_Certificate.ino\" target=\"_blank\">View raw code<\/a><\/p>\n\n\n\n<p>With this example, your connection is still encrypted, but you won&#8217;t be sure if you&#8217;re talking to the right server. This scenario is useful for testing purposes.<\/p>\n\n\n\n<p>After uploading this example, here&#8217;s what you should get:<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"838\" height=\"506\" src=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/ESP32-HTTPS-Client-No-Certificate-Demonstration-Serial-Monitor-1.png?resize=838%2C506&#038;quality=100&#038;strip=all&#038;ssl=1\" alt=\"Demonstration HTTPs request ESP32\" class=\"wp-image-121792\" srcset=\"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/ESP32-HTTPS-Client-No-Certificate-Demonstration-Serial-Monitor-1.png?w=838&amp;quality=100&amp;strip=all&amp;ssl=1 838w, https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/ESP32-HTTPS-Client-No-Certificate-Demonstration-Serial-Monitor-1.png?resize=300%2C181&amp;quality=100&amp;strip=all&amp;ssl=1 300w, https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/ESP32-HTTPS-Client-No-Certificate-Demonstration-Serial-Monitor-1.png?resize=768%2C464&amp;quality=100&amp;strip=all&amp;ssl=1 768w\" sizes=\"(max-width: 838px) 100vw, 838px\" \/><\/figure><\/div>\n\n\n<p>Your connection is still encrypted, but it will skip SSL verification.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Wrapping Up<\/h2>\n\n\n\n<p>In this tutorial, you learned how to make HTTPS requests with the ESP32. You also learned about the basic concepts of <a href=\"https:\/\/randomnerdtutorials.com\/esp32-esp8266-https-ssl-tls\/\">HTTPS protocol and about SSL\/TLS certificates<\/a>.<\/p>\n\n\n\n<p>We&#8217;ve taken a look at examples with the WiFiClientSecure and HTTPClient libraries. The examples presented are as simple as possible so that you can modify them and apply them to your own projects. You learned how to make HTTPS requests with and without verification of the SSL\/TLS certificate.<\/p>\n\n\n\n<p>We hope you found this tutorial useful. We intend to create more tutorials about HTTPS and secure communication. Let us know in the comments below what you think.<\/p>\n\n\n\n<p>Learn more about the ESP32 with our resources:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/randomnerdtutorials.com\/learn-esp32-with-arduino-ide\/\">Learn ESP32 with Arduino IDE<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/randomnerdtutorials.com\/build-web-servers-esp32-esp8266-ebook\/\">Build Web Servers with ESP32 and ESP8266<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/randomnerdtutorials.com\/firebase-esp32-esp8266-ebook\/\">Firebase Web App with ESP32 and ESP8266<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/randomnerdtutorials.com\/projects-esp32\/\">Free ESP32 Projects and Tutorials<\/a><\/li>\n<\/ul>\n\n\n\n<p>Thanks for reading.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In this guide, you&#8217;ll learn how to make HTTPS requests with the ESP32. We&#8217;ll introduce you to some HTTPS fundamental concepts and provide several examples (with and without certificates) using &#8230; <\/p>\n<p class=\"read-more-container\"><a title=\"ESP32 HTTPS Requests (Arduino IDE)\" class=\"read-more button\" href=\"https:\/\/randomnerdtutorials.com\/esp32-https-requests\/#more-121379\" aria-label=\"Read more about ESP32 HTTPS Requests (Arduino IDE)\">CONTINUE READING \u00bb<\/a><\/p>\n","protected":false},"author":5,"featured_media":121806,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[281,276,277,299,264],"tags":[],"class_list":["post-121379","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-esp32-project","category-esp32","category-esp32-arduino-ide","category-0-esp32","category-project"],"aioseo_notices":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/randomnerdtutorials.com\/wp-content\/uploads\/2022\/11\/ESP32-HTTPS-Requests.jpg?fit=1280%2C720&quality=100&strip=all&ssl=1","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/randomnerdtutorials.com\/wp-json\/wp\/v2\/posts\/121379","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/randomnerdtutorials.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/randomnerdtutorials.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/randomnerdtutorials.com\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/randomnerdtutorials.com\/wp-json\/wp\/v2\/comments?post=121379"}],"version-history":[{"count":48,"href":"https:\/\/randomnerdtutorials.com\/wp-json\/wp\/v2\/posts\/121379\/revisions"}],"predecessor-version":[{"id":168141,"href":"https:\/\/randomnerdtutorials.com\/wp-json\/wp\/v2\/posts\/121379\/revisions\/168141"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/randomnerdtutorials.com\/wp-json\/wp\/v2\/media\/121806"}],"wp:attachment":[{"href":"https:\/\/randomnerdtutorials.com\/wp-json\/wp\/v2\/media?parent=121379"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/randomnerdtutorials.com\/wp-json\/wp\/v2\/categories?post=121379"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/randomnerdtutorials.com\/wp-json\/wp\/v2\/tags?post=121379"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}