SSL commands timeout

14 thoughts on “SSL commands timeout

  1. Hi,


    I would like to ask what are the timeouts for SSL commands like




    In the AT command reference guide there is part where timeout for plain socket is specified (e.g. AT#SD 140 sec) but I did not find anything about the ssl commands.



    1. SSL timeouts are defined by AT#SSLCFG command











      – exchange timeout (or socket inactivity timeout); in online mode, if there’s no data exchange within this timeout period the connection is closed.

      0 – no timeout

      1..65535 – timeout value in seconds (default 90 s.)


      <defTo> – Timeout that will be used by default whenever the corresponding parameter of each command is not set.

        10…5000 – Timeout in tenth of seconds (default 100).


      – data sending timeout; in online mode after this period data are sent also if they’re less than max packet size.

      0 – no timeout

      1..255 – timeout value in hundreds of milliseconds (default 50)

      1. Yes but from what I can tell there settings apply when the connection has been established. But e.g. I use AT#SSLCFG and set the defTo value to 100 (if I understand correctly it will be 10 seconds) and after that I try to make connection to server which I known is down, so I expect it to timeout in something close to 10 seconds but it took more than a minute till I got response +CME ERROR: 832

        1. I apologize for the late replay.


          In this case the connection timeout cannot be configured.

          The defTo is the timeout that will be used by default whenever the corresponding
          parameter of each command is not set.


          For the #SSLD command:


          "<Timeout> – time-out in 100 ms units. It represents the TCP inter-packet
          Note: it DOES NOT represent the total handshake timeout."


          1. So is there any way to set the timeout? or at least to know what will be the maximum time before I get the error message? Or should I just wait for the answer… 



          2. currently there’s no way to set the connection timeout and there’s no max. timeout. You should close the socket locally, using the escape sequence +++ or DTR line

  2. Can escape sequence +++ be used also with command AT#SSLD or with this command only the closing with DTR line is possible? From what I understood +++ should be used only after the connection has been established….

    1. AT#SSLD: Execution command opens a remote connection via socket secured
      through SSL. Both command and online modes can be used.
      In the first case ‘OK’ is printed on success, and data exchange can be
      performed by means of #SSLSEND and #SSLRECV commands.
      In online mode ‘CONNECT’ message is printed, and data can be
      sent/received directly to/by the serial port. Communication can be
      suspended by issuing the escape sequence (by default +++) and restored
      with #SSLO command.

      1. But this is only after the connection has been made (either CONNECT or OK was received), but what to do in a situation in which the remote server is not responding and the AT#SSLD is just hanging.. Is there any way to cancel the ongoing connection attempt? or to specify connecting timeout? Because in some situations I received some ERROR message in a reasonable time, but sometimes the modem hanged for couple of minutes before it accepted anything else…

        1. Some timeouts are configurable with AT#SSLCFG, but I think the initial handshake isn’t under their control; you can only hope a +++ or DTR switch will work.

          1. Yes.. other timeouts seems to be working fine (altough even with good connection sometimes  I get timeout on AT#SSLRECV even thoug the connection was sucessfuly created and some data were sent…)

            I have tried +++ but without much luck… and I will yet try DTR and see.

  3. Dear Sir,

    We are using GL868-DUAL module (10.01.181) for http communication. I have installed CA certification in module NVM successfully, when we are trying to connect with google, it is responding handshaking error.

    Please find attached log.


    Please let me know, what is the mistake from my side.





    1. Hello,

      1.) The certificate that you have uploaded on the module is not the root CA, it’s an intermediate.
           You must upload the root certificate.
           Attached the correct root certificate for Google (“AT#SSLSECDATA=1,1,1,1162”).

      2.) On our 2G module you must increase the CPU clock speed with AT#CPUMODE=4.
           This step is required to perform the SSL handshae in less time, otherwise the handshake operation may fail.