HTTPS Issues

  • Hello,

    I’m using module GL865-DUAL-V3 (FW revision 16.00.152) and I’m
    facing with the following issues:

    [Direct SSL Socket Connection]
    I’m using a HTTP/ TCP
    connection under SSL where the Server exposes web services via Https powered with
    a self-signed certificate.
    I did the following steps:

    • loaded the server certificate
      in the module (AT#SSLSECDATA=1,1,..)
    • configured the module to
      manage Server certificate (AT#SSLSECCFG=1,0,1)

    When I try to establish a SSL Socket connection (through the command
    AT#SSLD) I get ever the error “SSL error during handshake”

    From the other hand, everything works well if I configure the module
    by disabling the management of SSL Certificate: AT#SSLSECCFG=1,0,0

    Question: does the module support
    self-signed certificate?

    From the other hand, I get the same error even though I use the
    global “recognized” certificate:

    • I got the
      CACertificate (following the procedure described in Telit_SSL_TLS_User_Guide_r10)
    • I loaded the above certificate in
      the module
    • I configured the module to
      manage Server certificate (AT#SSLSECCFG=1,1,1)

    When I try to establish a SSL Socket connection (AT#SSLD=1,443,"",0,0)
    I ever get the error “SSL error during handshake”

    [HTTP SSL Socket Connection]
    In addition, I tried to use HTTP set of commands but without luck,
    here a piece of log:





    #HTTPRING: 0,0,"",0

    #HTTPRING: 0,0,"",0

    As you can see, I ever get an empty response from

    NOTE: It works well if I try to send the same command trough a
    software acting as HTTP REST client (like Postman)

    Thanks in advance for your help.

  • Hello Ivan,

    Answer from our Telit-Support:

    AT#CPUMODE=4 may solve the issue.
    The SSL negotiation must be performed in a
    certain amount of time, otherwise it fails.
    The cert validation is a
    mathematically complex operation and it takes time, therefore a greater CPU
    clock helps.

    However, the negotiation speed was improved in newer SW
    versions, so we also suggest to upgrade the module to a newer SW
    (the latest is 16.01.151).

    It should work with self signed
    certificates, they are no different from other certificates, but the correct CA
    certificate must be imported in the module and the length it is limited to (2047
    The key length and the hashing algorithm may be the issue.
    version 16.00.152 supports only 1024 bit RSA keys and only SHA-1 hashing
    SW version 16.01.151 supports up to 2048 bit RSA keys and SHA-256
    was added.

    Let us know if you need more info.

    Kind Regards,


  • Hi Huseyin,
    thanks for answering.

    First of all i would like to know what's the right (i suppose the latest in order of time) Firmware version for GL865-DUAL-V3.
    I got the more recent (in term of date) directly from the (private) Telit Download Zone, precisely the 16.00.xx2

    SW 16.00.xx2
    Telit GL865-DUAL V3

    SW 16.01.xx1
    Telit GL865-DUAL V3

    Are you sure that xx1 is the newest firmware?

    Also, the #CPUMODE=4 doesn't help:

    • AT#HTTPQRY gets ever timeout
    • AT#SSLD gets ever the same error: +CME ERROR: SSL error during handshake


  • Hi Ivan,

    the xx1 is newest/latest version because 16.01.xx1 there is a one before last dot.
    You are right, there is a mistake with date at downloadzone from Telit, but here is the right version history:


    so please try first version 16.01.xx1 and let me know if your issue still exists.

    Kind regards,


  • Hi Huseyin,
    you're right, i downloaded and flashed the xx1.
    Anyway i have still some unexpected behavior.

    The AT#HTTPQRY command now works BUT only if i set anonymous ssl handling (AT#SSLSECCFG=1,0,0)
    If i try to manage server authentication (AT#SSLSECCFG=1,0,1) i receive the error "+CME ERROR: connection failed" (before i got timeout).

    The AT#SSLD has the same behavior as before, i get ever "+CME ERROR: SSL error during handshake".
    I tried with a self-signed server or "recognized" certificate server, no difference.

    It seems there's not way to work with the server authentication mode.

    Thanks for your help.


  • Hi Ivan,

    Have you set AT#CPUMODE to 4?
    Maybe you are not using the correct
    Can you share with us the CA certificate that you are using
    and the server that you are trying to connect to?
    An AT log should be just
    fine, if is visible also the certificate import in it.

    Please send requested informations to ts(at)

    Thank you.


  • Hi,
    I am using below model and software version.

    Model: UL865-EUD

    SW version: 12.00.618

    Can we use the [HTTP SSL Socket Connection] implementation.

    Does HTTP SSL Socket Connection supports for above model and firmware version.


  • Hi Hüseyin,

    Thank you so much for the reply. I am trying to connect ssl server but it shows error.

    I am using below commands








    All commands shows OK,and certificate stored successfully,but SSLD command always giving error.

    I tried AT#CPUMODE=4 command this also gives error. using below module and software version.
    Model: UL865-EUD

    SW version: 12.00.618

    Can you please help to solve this issue.


  • Hi John,

    Try sending AT+CMEE=2 to check if you get a verbose error response that could explain what the problem is when the connection fails. It could be an error during handshake or not being able to connect at all.