macOS USB Serial script error: SSL certificate verify failed --- TCP connection init hangs

jrb1133 · July 24, 2021, 5:08am

Hi Everyone - Saw a few macOS communication errors from 5 or so years ago, but nothing with this particular error.

These are the instructions I am following (for Mac): USB Serial | Blynk Help Center

Specifically, I am running an Arduino Uno through my Mac and trying to get the serial communication to work with the Blynk server.

I am running the “Blynk_USB_Serial” sketch example on the UNO.

I then run the blynk-ser.sh shell script and get the error “certificate verify failed”. From the shell screen output it looks like there is a successful connection with the UNO, but the connection with the Blynk Server is failing.

Does anyone have any suggestions? I tried turning off my firewall and still get the error. Could this be an issue with the server.crt file in the certs folder that I need to update, or something else? Any suggestions welcome.

Here is the blynk-ser.sh screen output:

Reconnecting in 3s...

Connecting: GOPEN:/dev/tty.usbmodem14101,raw,echo=0,clocal=1,cs8,nonblock=1,ixoff=0,ixon=0,ispeed=9600,ospeed=9600,crtscts=0 <-> openssl-connect:blynk-cloud.com:443,cafile=/Users/jeffreybaker/documents/arduino/libraries/blynk/scripts/certs/server.crt,nodelay

2021/07/24 00:50:24 socat[72221] N opening character device "/dev/tty.usbmodem14101" for reading and writing

2021/07/24 00:50:24 socat[72221] N opening connection to LEN=16 AF=2 45.55.96.146:443

2021/07/24 00:50:24 socat[72221] N successfully connected from local address LEN=16 AF=2 192.168.0.18:62366

2021/07/24 00:50:24 socat[72221] E SSL_connect(): error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed

2021/07/24 00:50:24 socat[72221] N exit(1)

Reconnecting in 3s...

PeteKnight · July 24, 2021, 5:24am

SSL support (port 443) for blynk-cloud.com was turned-off earlier this year.
You’ll probably need to edit the batch file to use port 8080

Pete.

jrb1133 · July 24, 2021, 5:32am

Thanks for the suggestion Pete, I think its the right track. When I change the port to 8080 I still get an error. However is now an “Undefined error: 0”

Specifically, this is the script output now…

2021/07/24 01:28:58 socat[73454] N opening connection to LEN=16 AF=2 45.55.96.146:8080

2021/07/24 01:28:58 socat[73454] N successfully connected from local address LEN=16 AF=2 192.168.0.18:63009

2021/07/24 01:28:58 socat[73454] E SSL_connect(): Undefined error: 0

PeteKnight · July 24, 2021, 5:36am

It’s still trying to use SSL

Pete.

jrb1133 · July 24, 2021, 5:44am

Ah, I see there are other lines in the shell file that I can use to change from SSL to TCP. So, I have tried now with TCP and port 80 as well as port 8080. Using TCP the script hangs on “starting data transfer loop”

Here is what the script header has in it now:

# === Edit default options to match your need ===

FROM_TYPE="SER" # SER, TCP
TO_TYPE="TCP"   # TCP, SSL... changed from SSL to TCP

COMM_BAUD=9600
SERV_ADDR=blynk-cloud.com
SERV_PORT_SSL=8080 # was 443
SERV_PORT_TCP=8080  # was 80
LSTN_PORT=80

SRVR_CERT="$SCRIPTPATH/certs/server.crt"
CLNT_CERT="$SCRIPTPATH/certs/client.pem"

# === Edit the lines below only if absolutely sure what you're doing ===

And, this is what the script output is doing now… its hanging on the last line.

Connecting: GOPEN:/dev/tty.usbmodem14101,raw,echo=0,clocal=1,cs8,nonblock=1,ixoff=0,ixon=0,ispeed=9600,ospeed=9600,crtscts=0 <-> TCP:blynk-cloud.com:8080,nodelay

2021/07/24 01:39:01 socat[73757] N opening character device "/dev/tty.usbmodem14101" for reading and writing

2021/07/24 01:39:01 socat[73757] N opening connection to LEN=16 AF=2 45.55.96.146:8080

2021/07/24 01:39:01 socat[73757] N successfully connected from local address LEN=16 AF=2 192.168.0.18:63167

2021/07/24 01:39:01 socat[73757] N starting data transfer loop with FDs [5,5] and [8,8]

PeteKnight · July 24, 2021, 5:48am

What happens if you change the TCP port back to 80 ?

Pete.

jrb1133 · July 24, 2021, 5:50am

It still hangs on the last line with the port set to 80 too…

Connecting: GOPEN:/dev/tty.usbmodem14101,raw,echo=0,clocal=1,cs8,nonblock=1,ixoff=0,ixon=0,ispeed=9600,ospeed=9600,crtscts=0 <-> TCP:blynk-cloud.com:80,nodelay
2021/07/24 01:49:28 socat[74044] N opening character device "/dev/tty.usbmodem14101" for reading and writing
2021/07/24 01:49:28 socat[74044] N opening connection to LEN=16 AF=2 45.55.96.146:80
2021/07/24 01:49:28 socat[74044] N successfully connected from local address LEN=16 AF=2 192.168.0.18:63332
2021/07/24 01:49:28 socat[74044] N starting data transfer loop with FDs [5,5] and [8,8]

I also turned off my firewall again and confirmed my router is not blocking any services or ports with the same results.

jrb1133 · July 27, 2021, 10:48pm

For anyone following or finding this thread, here is what I ended up doing:

For now, I have been able to use a different service, Cayenne, to get the serial over USB interface to work. It is set up very much like Blynk. The script looked like the same one with just a few changes here and there to connect to their service.
Cayenne Features - Developer | myDevices.com
I plan to order a WiFi module to connect that way in the near future as all the services are really intended to be used that way…