Quectel UC20 SSL AT Commands Manual V1.0

User Manual: Pdf

Open the PDF directly: View PDF .
Page Count: 25

Download
Open PDF In Browser	View PDF

UC20 SSL
AT Commands Manual
UMTS/HSPA Module Series
Rev. UC20_SSL_AT_Commands_Manual_V1.0
Date: 2013-12-25

www.quectel.com

UMTS/HSPA Module Series
UC20 SSL AT Commands Manual

Our aim is to provide customers with timely and comprehensive service. For any
assistance, please contact our company headquarters:
Quectel Wireless Solutions Co., Ltd.
Room 501, Building 13, No.99, Tianzhou Road, Shanghai, China, 200233
Tel: +86 21 5108 6236
Mail: info@quectel.com

Or our local office, for more information, please visit:

l
e
t
l
c
a
i
e
t
u
n
Q fide
n
o
C

http://www.quectel.com/support/salesupport.aspx

For technical support, to report documentation errors, please visit:
http://www.quectel.com/support/techsupport.aspx

GENERAL NOTES

QUECTEL OFFERS THIS INFORMATION AS A SERVICE TO ITS CUSTOMERS. THE INFORMATION
PROVIDED IS BASED UPON CUSTOMERS’ REQUIREMENTS. QUECTEL MAKES EVERY EFFORT
TO ENSURE THE QUALITY OF THE INFORMATION IT MAKES AVAILABLE. QUECTEL DOES NOT
MAKE ANY WARRANTY AS TO THE INFORMATION CONTAINED HEREIN, AND DOES NOT ACCEPT
ANY LIABILITY FOR ANY INJURY, LOSS OR DAMAGE OF ANY KIND INCURRED BY USE OF OR
RELIANCE UPON THE INFORMATION. ALL INFORMATION SUPPLIED HEREIN ARE SUBJECT TO
CHANGE WITHOUT PRIOR NOTICE.

COPYRIGHT

THIS INFORMATION CONTAINED HERE IS PROPRIETARY TECHNICAL INFORMATION OF
QUECTEL CO., LTD. TRANSMITTABLE, REPRODUCTION, DISSEMINATION AND EDITING OF THIS
DOCUMENT AS WELL AS UTILIZATION OF THIS CONTENTS ARE FORBIDDEN WITHOUT
PERMISSION. OFFENDERS WILL BE HELD LIABLE FOR PAYMENT OF DAMAGES. ALL RIGHTS
ARE RESERVED IN THE EVENT OF A PATENT GRANT OR REGISTRATION OF A UTILITY MODEL
OR DESIGN.

Copyright © Quectel Wireless Solutions Co., Ltd. 2013. All rights reserved.

UC20_SSL_AT_Commands_Manual

Confidential / Released

1 / 24

UMTS/HSPA Module Series
UC20 SSL AT Commands Manual

About the Document
History
Revision
1.0

l
e
t
l
c
a
i
e
t
u
n
Q fide
n
o
C
Date

Author

Description

2013-12-25

Chris PENG
Amber CHEN

Initial

UC20_SSL_AT_Commands_Manual

Confidential / Released

2 / 24

UMTS/HSPA Module Series
UC20 SSL AT Commands Manual

Contents
About the Document ................................................................................................................................... 2
Contents ....................................................................................................................................................... 3
Table Index ................................................................................................................................................... 5
1

Introduction .......................................................................................................................................... 6
1.1. SSL Version and CipherSuite ..................................................................................................... 6
1.2. Procedures of Using SSL Function ............................................................................................. 7
1.3. Description of Data Access Mode ............................................................................................... 7
1.4. Time Check for Certificate........................................................................................................... 8
1.5. Open SSL Connection Fails ........................................................................................................ 8

2

Description of AT Command ............................................................................................................ 10
2.1. AT Command Syntax ................................................................................................................ 10
2.2. Description of AT Command ..................................................................................................... 10
2.2.1. AT+QSSLCFG Configure the Parameters of SSL Context ......................................... 10
2.2.2. AT+QSSLOPEN Open a SSL Socket to Connect Remote Server ............................. 14
2.2.3. AT+QSSLSEND Send Data via SSL Connection........................................................ 15
2.2.4. AT+QSSLRECV Receive Data via SSL Connection ................................................... 16
2.2.5. AT+QSSLCLOSE Close SSL Connection ................................................................... 17
2.2.6. AT+QSSLSTATE Query the State of SSL Connection ................................................ 17
2.3. URC Description ....................................................................................................................... 18
2.3.1. Notify Received Data ..................................................................................................... 18
2.3.2. Notify Abnormal Close.................................................................................................... 19
2.3.3. Notify SSL Security Error ............................................................................................... 19

3

Example .............................................................................................................................................. 20
3.1. Configure and Activate the PDP Context .................................................................................. 20
3.1.1. Configure Context .......................................................................................................... 20
3.1.2. Activate Context ............................................................................................................. 20
3.1.3. Deactivate Context ......................................................................................................... 20
3.2. Configure SSL Context ............................................................................................................. 20
3.3. SSL Client Works in Buffer Access Mode ................................................................................. 21
3.3.1. Set up a SSL Connection and Enter into Buffer Access Mode ...................................... 21
3.3.2. Send Data in Buffer Access Mode ................................................................................. 21
3.3.3. Receive Data in Buffer Access Mode............................................................................. 21
3.3.4. Close SSL Connection ................................................................................................... 22
3.4. SSL Client Works in Direct Push Mode .................................................................................... 22
3.4.1. Set up a SSL Connection and Enter into Direct Push Mode ......................................... 22
3.4.2. Send Data in Direct Push Mode..................................................................................... 22
3.4.3. Receive Data in Direct Push Mode ................................................................................ 23
3.4.4. Close SSL Connection ................................................................................................... 23
3.5. SSL Client Works in Transparent Access Mode ....................................................................... 23
3.5.1. Set up a SSL Connection and Send Data in Transparent Access Mode....................... 23

l
e
t
l
c
a
i
e
t
u
n
Q fide
n
o
C

UC20_SSL_AT_Commands_Manual

Confidential / Released

3 / 24

UMTS/HSPA Module Series
UC20 SSL AT Commands Manual

3.5.2.
3.5.3.
4

Set up a SSL Connection and Receive Data in Transparent Access Mode .................. 23
Close SSL Connection ................................................................................................... 23

Appendix A Reference....................................................................................................................... 24

l
e
t
l
c
a
i
e
t
u
n
Q fide
n
o
C
UC20_SSL_AT_Commands_Manual

Confidential / Released

4 / 24

UMTS/HSPA Module Series
UC20 SSL AT Commands Manual

Table Index
TABLE 1: SSL VERSION ..................................................................................................................................... 6
TABLE 2: SSL CIPHERSUITE............................................................................................................................. 6
TABLE 3: RELATED DOCUMENTS .................................................................................................................. 24
TABLE 4: TERMS AND ABBREVIATIONS ........................................................................................................ 24

l
e
t
l
c
a
i
e
t
u
n
Q fide
n
o
C
UC20_SSL_AT_Commands_Manual

Confidential / Released

5 / 24

UMTS/HSPA Module Series
UC20 SSL AT Commands Manual

1

Introduction

This document describes how to use the SSL functionality of Quectel standard module. In some cases, in
order to ensure communication privacy, the communication between the server and the client should be in
an encrypted way. So that it can prevent data from eavesdropping, tampering, or forging during the
communication process. The SSL function meets these demands.

l
e
t
l
c
a
i
e
t
u
n
Q fide
n
o
C

1.1. SSL Version and CipherSuite
The following versions are supported.

Table 1: SSL Version
SSL Version
SSL3.0
TLS1.0
TLS1.1
TLS1.2

The following table shows the names of the CipherSuite that Quectel module supports. Please refer to
RFC 2246 – The TLS Protocol Version 1.0 on the Ciphersuite definitions for details.

Table 2: SSL CipherSuite
CipherSuite Code

CipherSuite Name

0X0035

TLS_RSA_WITH_AES_256_CBC_SHA

0X002F

TLS_RSA_WITH_AES_128_CBC_SHA

0X0005

TLS_RSA_WITH_RC4_128_SHA

UC20_SSL_AT_Commands_Manual

Confidential / Released

6 / 24

UMTS/HSPA Module Series
UC20 SSL AT Commands Manual

0X0004

TLS_RSA_WITH_RC4_128_MD5

0X000A

TLS_RSA_WITH_3DES_EDE_CBC_SHA

0X003D

TLS_RSA_WITH_AES_256_CBC_SHA256

0XFFFF

Support all ciphersuites above

1.2. Procedures of Using SSL Function

l
e
t
l
c
a
i
e
t
u
n
Q fide
n
o
C

Step 1: Execute command “AT+QICSGP” to configure the APN, Username, Password of the context and
so on.
Step 2: Execute command “AT+QIACT” to activate the specified PDP context. After the PDP context is
activated, query the local IP address by command “AT+QILOCIP”.
Step 3: Execute command “AT+QSSLCFG” to configure the SSL version, ciphersuite, the path of trusted
CA Cert and security level for the specified SSL context.
Step 4: Execute command “AT+QSSLOPEN” to open SSL client connection,  is used to
specify SSL context,  is used to specify data access mode.
Step 5: After the SSL connection has been established, you can send or receive data via this SSL
connection. About how to send and receive data under each access mode, please refer to
Chapter 1.3.
Step 6: Execute command “AT+QSSLCLOSE” to close SSL connection.
Step 7: Execute command “AT+QIDEACT” to deactivate PDP context.

1.3. Description of Data Access Mode

The SSL connection has three kinds of data access mode: buffer access mode, direct push mode and
transparent access mode. When you use the command “AT+QSSLOPEN” to open SSL connection, you
can specify the access mode via . After SSL connection has been established, you can
switch the access mode via command “AT+QISWTMD”.
1.

In buffer access mode, you can send data via command “AT+QSSLSEND”, and if the modem has
received data from Internet, it will report URC: +QSSLURC: “recv”,, and you can retrieve
data via command “AT+QSSLRECV”.

2.

In direct push mode, you can send data via command “AT+QSSLSEND”, and if the modem has
received data from Internet, it will output directly via UART1/USB modem/USB AT port with following
format: +QSSLURC: “recv”,,.

3.

In transparent access mode, corresponding port will enter exclusive mode (Please note that the USB

UC20_SSL_AT_Commands_Manual

Confidential / Released

7 / 24

UMTS/HSPA Module Series
UC20 SSL AT Commands Manual

AT port does not support transparent access mode), the data received from COM port will be sent to
Internet directly, and data received from Internet will be outputted via COM port directly. You can use
“+++” or DTR (AT&D1 should be set) to switch to buffer access mode. In transparent access mode, if
SSL connection encounters abnormal disconnection, UC20 modem will report URC: NO CARRIER.
4.

Exit from transparent access data mode by “+++” or DTR (AT&D1 should be set). To prevent the
“+++” from being misinterpreted as data, it should comply with the following sequence:
1)
2)
3)
4)

5.

Do not input any character within 1s before inputting “+++”.
Input “+++” during 1s, and no other characters can be inputted during this time.
Do not input any character within 1s after “+++” has been inputted.
Exit from transparent access mode, return OK.

l
e
t
l
c
a
i
e
t
u
n
Q fide
n
o
C

There are two methods to return to transparent access mode:
1)
2)

By AT+QISWTMD. Specify the  as 2 by this command. If entering transparent
access mode successfully, CONNECT will be returned.
By ATO. ATO will change the access mode of connection which lately exits from transparent
access mode. If entering transparent access mode successfully, CONNECT will be returned. If
there is no connection enters transparent access mode before, ATO will return NO CARRIER.

1.4. Time Check for Certificate

To check whether a certificate is in the period of validity, you must parse the certificate, and compare the
local time with the “Not before” and “Not after” of the certificate. If the local time is earlier than the time of
“Not before” or later than the time of “Not after”, the certificate will be considered expired.

When  is 0, in order to avoid failure of certificate time check, you must use command
“AT+CCLK” to configure the modem time to a validity period of the certificate.

1.5. Open SSL Connection Fails

When you fail to open SSL connection, please check the following aspects:

1. Query the status of the specified PDP context by command “AT+QIACT?” to check whether the
specified PDP context is activated.
2. If the address of server is a domain name, please use command “AT+QIDNSCFG=” to
check whether the address of DNS server is valid. Because an invalid DNS server address cannot
convert domain name to IP address.

UC20_SSL_AT_Commands_Manual

Confidential / Released

8 / 24

UMTS/HSPA Module Series
UC20 SSL AT Commands Manual

3. Please check the SSL configuration by command “AT+QSSLCFG”, especially SSL version and
ciphersuite, make sure they are supported on server side. If you have configured  as 1 or 2,
you must upload trusted CA certificate to modem by FILE AT command. If server side has configured
“SSLVerifyClient required”, you must upload the client cert and client private key to modem by FILE
AT command. For details about certificate time check, please refer to Chapter 1.4.

l
e
t
l
c
a
i
e
t
u
n
Q fide
n
o
C
UC20_SSL_AT_Commands_Manual

Confidential / Released

9 / 24

UMTS/HSPA Module Series
UC20 SSL AT Commands Manual

2

Description of AT Command

2.1. AT Command Syntax

l
e
t
l
c
a
i
e
t
u
n
Q fide
n
o
C

Test Command

AT+=?

This command returns the list of parameters and value ranges
set by the corresponding Write Command or internal processes.

Read Command

AT+?

This command returns the currently set value of the parameter
or parameters.

Write Command

AT+=<…>

This command sets the user-definable parameter values.

Execution
Command

AT+

This command reads non-variable parameters affected by
internal processes in the GSM engine.

2.2. Description of AT Command

2.2.1. AT+QSSLCFG

Configure the Parameters of SSL Context

This command can be used to configure the SSL version, ciphersuite, security level, CA certificate, client
certificate and client key. These parameters will be used in the handshake procedure.

 is the index of the SSL context. The modules support 6 SSL contexts at most. On the basis of a
SSL context, several SSL connections can be established. The settings such as the SSL version and the
ciphersuite are stored in the SSL context, and they will be applied to the new SSL connections associated
with the SSL context.

AT+QSSLCFG

Configure the Parameters of SSL Context

Test Command
AT+QSSLCFG=?

UC20_SSL_AT_Commands_Manual

Response
+QSSLCFG: "sslversion",(0-5),(0-3)
+QSSLCFG:
"ciphersuite",(0-5),(0X0035,0X002F,0X0005,0X0004,0X00
0A,0X003D,0XFFFF)
+QSSLCFG: "cacert",(0-5),
+QSSLCFG: "clientcert",(0-5),
+QSSLCFG: "clientkey",(0-5),
+QSSLCFG: "seclevel",(0-5),(0-2)

Confidential / Released

10 / 24

UMTS/HSPA Module Series
UC20 SSL AT Commands Manual

+QSSLCFG: "ignorelocaltime",(0-5),(0,1)
+QSSLCFG: "negotiatetime",(0-5),(10-300)
OK
Configure the version for the 
AT+QSSLCFG="sslversion",
[,]

Response
If  is omitted, query the value of “version” with
specified , and response:
+QSSLCFG: "sslversion",,
OK

l
e
t
l
c
a
i
e
t
u
n
Q fide
n
o
C
Else, set the value of “version” with specified , and
response:
OK
or
ERROR

Configure the ciphersuite for the

AT+QSSLCFG="ciphersuite",[,]

Response
If  is omitted, query the value of “ciphersuite”
with specified , and response:
+QSSLCFG: "ciphersuite",,
OK

Else, set the value of “ciphersuite” with specified ,
and response:
OK
or
ERROR

Configure the path of CA Cert for the

AT+QSSLCFG="cacert",[,]

Response
If  is omitted, query the value of “cacert” with
specified , and response:
+QSSLCFG: "cacert",,
OK

Else, set the value of “cacert” with specified , and
response:
OK
or
ERROR

Configure the path of client Cert for the

AT+QSSLCFG="clientcert",[
,]

UC20_SSL_AT_Commands_Manual

Response
If  is omitted, query the value of “clientcert”
with specified , and response:
+QSSLCFG: "clientcert",,

Confidential / Released

11 / 24

UMTS/HSPA Module Series
UC20 SSL AT Commands Manual

OK
Else, set the value of “clientcert” with specified ,
and response:
OK
or
ERROR
Configure the path of client Key for the

AT+QSSLCFG="clientkey",[,
]

Response
If  is omitted, query the value of “clientkey”
with specified , and response:
+QSSLCFG: "clientkey",,

l
e
t
l
c
a
i
e
t
u
n
Q fide
n
o
C
OK

Else, set the value of “clientkey” with specified ,
and response:
OK
or
ERROR

Configure the security level for the

AT+QSSLCFG="seclevel",[,
]

Response
If  is omitted, query the value of “seclevel” with
specified , and response:
+QSSLCFG: "seclevel",,< seclevel >
OK

Else, set the value of “verify” with specified , and
response:
OK
or
ERROR

Configure the ignore time check for
certification for the 
AT+QSSLCFG="ignorelocaltime",[,]

Response
If  is omitted, query the value of
“ignorelocaltime” with specified , and response:
+QSSLCFG: "ignorelocaltime",,
OK
Else, set the value of “ignorelocaltime” with specified
, and response:
OK
or
ERROR

UC20_SSL_AT_Commands_Manual

Confidential / Released

12 / 24

UMTS/HSPA Module Series
UC20 SSL AT Commands Manual

Configure the negotiate timeout for the

AT+QSSLCFG="negotiatetime",[,]

Response
If  is omitted, query the value of
“negotiatetimeout” with specified , and response:
+QSSLCFG:
"negotiatetimeout",,
OK
Else, set the value of “negotiatetimeout” with specified
, and response:
OK
or
ERROR

Parameter



l
e
t
l
c
a
i
e
t
u
n
Q fide
n
o
C












Numeric type, SSL context ID, range is 0~5
Numeric type, SSL Version
0
SSL3.0
1
TLS1.0
2
TLS1.1
3
TLS1.2
Numeric type, SSL Ciphersuites
0X0035
TLS_RSA_WITH_AES_256_CBC_SHA
0X002F
TLS_RSA_WITH_AES_128_CBC_SHA
0X0005
TLS_RSA_WITH_RC4_128_SHA
0X0004
TLS_RSA_WITH_RC4_128_MD5
0X000A
TLS_RSA_WITH_3DES_EDE_CBC_SHA
0X003D
TLS_RSA_WITH_AES_256_CBC_SHA256
0XFFFF
Support all
Numeric format, indicates how to deal with expired certificate
0
Care about time check for certification
1
Ignore time check for certification.
String format, the path of the trusted CA certificate
String format, the path of the client certificate
String format, the path of the client private key
Numeric format, the authentication mode
0
No authentication
1
Manage server authentication
2
Manage server and client authentication if requested by the remote
server
Numeric format, indicates max timeout used in SSL negotiate stage, value rang is
10-300, unit: seconds, default: 300

UC20_SSL_AT_Commands_Manual

Confidential / Released

13 / 24

UMTS/HSPA Module Series
UC20 SSL AT Commands Manual

2.2.2. AT+QSSLOPEN

Open a SSL Socket to Connect Remote Server

AT+QSSLOPEN is used to set up a SSL connection. During the negotiation between the module and the
Internet, parameters configured by QSSLCFG will be used in the handshake procedure. After shaking
hands with the Internet successfully, the module can send or receive data via this SSL connection. Also
the module can set up several SSL connections based on one SSL context.
According to Chapter 1.2, before executing QSSLOPEN command, you should execute “AT+QIACT”
command to activate PDP context.
It is suggested to wait a specific time (refer to the Maximum Response Time below) for the URC response
as “+QSSLOPEN: ,”. If the URC response has not been received during this time,
you could use AT+QSSLCLOSE to close the SSL connection.

l
e
t
l
c
a
i
e
t
u
n
Q fide
n
o
C

AT+QSSLOPEN Open a SSL Socket to Connect Remote Server
Test Command
AT+QSSLOPEN=?

Response
+QSSLOPEN:
(1-16),(0-5),(0-11),,[,(0-2)]
OK

Write Command
AT+QSSLOPEN=,,,,[,]

Response
If the  is transparent access mode and SSL
connection is successfully set up, response:
CONNECT
Else, response:
ERROR
Error description can be got via “AT+QIGETERROR”.
If the  is buffer access mode or direct push
mode, response:
OK

+QSSLOPEN: ,
 is 0 when service is started successfully, else
 is not 0.
Or
ERROR
Error description can be got via “AT+QIGETERROR”.

Maximum Response Time

UC20_SSL_AT_Commands_Manual

Maximum network response time of 150s, plus with
configured time of 

Confidential / Released

14 / 24

UMTS/HSPA Module Series
UC20 SSL AT Commands Manual

Parameter









Numeric type, PDP context ID, range is 1-16
Numeric type, SSL context ID, range is 0-5
Numeric type, socket index, range is 0-11
String type, the address of remote server
Numeric type, the listening port of remote server
Numeric type, the access mode of SSL connection
0
Buffer access mode
1
Direct push mode
2
Transparent mode
Refer to UC20_TCPIP_AT_Commands_Manual

l
e
t
l
c
a
i
e
t
u
n
Q fide
n
o
C

2.2.3. AT+QSSLSEND

Send Data via SSL Connection

After the connection is established, the module can send data through the SSL connection.

AT+QSSLSEND Send Data via SSL Connection
Test Command
AT+QSSLSEND=?

Response
+QSSLSEND: (0-11)[,(1-1500)]
OK

Write Command
AT+QSSLSEND=
Response “>”, then input data to send,
tap CTRL+Z to send, tap ESC to cancel
the operation

Response
>



If connection has been established and sending is successful,
response:
SEND OK
If connection has been established but sending buffer is full,
response:
SEND FAIL
If connection has not been established, abnormally closed, or
parameter is incorrect, response:
ERROR

Write Command
AT+QSSLSEND=,
Response “>”, input data until the data
length is equal to 

Response
>


UC20_SSL_AT_Commands_Manual

Confidential / Released

If connection has been established and sending is successful,

15 / 24

UMTS/HSPA Module Series
UC20 SSL AT Commands Manual

response:
SEND OK
If connection has been
is full, response:
SEND FAIL

established but sending

buffer

If connection has not been established, abnormally closed, or
parameter is incorrect, response:
ERROR

Parameter



l
e
t
l
c
a
i
e
t
u
n
Q fide
n
o
C
Numeric type, socket index, range is 0-11.
Numeric type, the length of sending data, range is 1-1500

2.2.4. AT+QSSLRECV

Receive Data via SSL Connection

When you open SSL connection, and specify  as 0, if the module receives data from the
Internet, it will report URC as +QSSLURC: “recv”,, and you can read data from buffer by
AT+QSSLRECV command.

AT+QSSLRECV

Receive Data via SSL Connection

Test Command
AT+QSSLRECV=?

Response
+QSSLRECV: (0-11),(1-1500)
OK

Write Command
AT+QSSLRECV=,

Response
If the specified connection has received data, response:
+QSSLRECV: 
OK

If the buffer is empty, response:
+QSSLRECV: 0
OK

If parameters is not correct or connection has not been
established, response:
ERROR

UC20_SSL_AT_Commands_Manual

Confidential / Released

16 / 24

UMTS/HSPA Module Series
UC20 SSL AT Commands Manual

Parameter





Numeric type, socket index, range is 0-11
Numeric type, the length of data to be retrieved, range is 1-1500
Numeric type, the actual data length obtained by QSSLRECV
The retrieved data

2.2.5. AT+QSSLCLOSE

Close SSL Connection

This command is used to close a SSL connection. If all the SSL connections based on one SSL context
have been closed, the module will release the SSL context.

l
e
t
l
c
a
i
e
t
u
n
Q fide
n
o
C

AT+QSSLCLOSE

Close SSL Connection

Test Command
AT+QSSLCLOSE=?

Response
+QSSLCLOSE: (0-11),(0-65535)
OK

Write Command
AT+QSSLCLOSE=[,]

Response
If successfully closed, response:
OK
If failed to close, response:
ERROR

Parameter




Numeric type, socket index, range is 0-11
Numeric type, the timeout value of QSSLCLOSE, range: 0-65535, unit: s, default:
10s. If  is 0, means close immediately

2.2.6. AT+QSSLSTATE

Query the State of SSL Connection

This command is used to query the socket connection status. It can only query the status of SSL
connection

AT+QSSLSTATE

Query the State of SSL Connection

Test Command
AT+QSSLSTATE=?

Response
OK

Write Command
AT+QSSLSTATE=

Response
+QSSLSTATE:
,“SSLClient”,,,,,,,

UC20_SSL_AT_Commands_Manual

Confidential / Released

17 / 24

UMTS/HSPA Module Series
UC20 SSL AT Commands Manual

,,
OK
Execute Command
AT+QSSLSTATE

Response
List of(+QSSLSTATE: ,“SSLClient”,
,,,,,,,,)
OK

Parameter

l
e
t
l
c
a
i
e
t
u
n
Q fide
n
o
C














Numeric type, socket index, range is 0-11
String type, the address of remote server
Numeric type, the port of remote server
Numeric type, the local port
Numeric type, the state of SSL connection
0 “Initial”
Connection has not been established
1 “Opening”
Client is connecting
2 “Connected”
Client connection has been established
4 “Closing”
Connection is closing
Numeric type, PDP context ID, range is 1-16
Numeric type, reserved
Numeric type, the access mode of SSL connection
0 Buffer access mode
1 Direct push mode
2 Transparent access mode
String type, COM port
Numeric type, SSL context ID, range is 0-5

2.3. URC Description

2.3.1. Notify Received Data

Notify received data which comes from peer.

Notify Received Data
+QSSLURC: "recv",

The URC of SSL data incoming in buffer access mode. You
can receive SSL data by AT+QSSLRECV.

+QSSLURC:

The URC of SSL data incoming in direct push mode.

UC20_SSL_AT_Commands_Manual

Confidential / Released

18 / 24

UMTS/HSPA Module Series
UC20 SSL AT Commands Manual

"recv",,

Parameter




Integer type, socket index, range is 0-11
Integer type, the length of actual received data
The received data

l
e
t
l
c
a
i
e
t
u
n
Q fide
n
o
C

2.3.2. Notify Abnormal Close

Notify that the connection has been disconnected. Lots of reasons can cause this phenomenon, such as
the Internet closes the connection or the state of GPRS PDP is deactivated. The  of
 will be “closing”. You must execute AT+QSSLCLOSE= to change the
 to “initial”.

Notify Abnormal Close

+QSSLURC: "closed",

Parameter


 SSL connection is closed.

Integer type, socket index, range is 0-11

2.3.3. Notify SSL Security Error

Notify that security error is encountered while transferring data by SSL connection.

Notify SSL Security Error

+QSSLURC: "security",,

Parameter



 SSL connection encounters security
error.

Socket index, range is 0-11
Security error code
1
Encrypt error
2
Decrypt error
3
Data verify error

UC20_SSL_AT_Commands_Manual

Confidential / Released

19 / 24

UMTS/HSPA Module Series
UC20 SSL AT Commands Manual

3

Example

3.1. Configure and Activate the PDP Context

l
e
t
l
c
a
i
e
t
u
n
Q fide
n
o
C

3.1.1. Configure Context

AT+QICSGP=1,1,“UNINET”,“”,“”,1
OK

//Configure context 1, APN is “UNINET” for China Unicom

3.1.2. Activate Context
AT+QIACT=1
OK

//Activate context 1
//Activate successfully

AT+QIACT?
+QIACT: 1,1,1,"10.7.157.1"

//Query the state of context

OK

3.1.3. Deactivate Context
AT+QIDEACT=1
OK

//Deactivate context 1
//Deactivate successfully

3.2. Configure SSL Context
AT+QSSLCFG=“version”,1,1
OK

AT+QSSLCFG=“ciphersuite”,1,0X0035
OK
AT+QSSLCFG=“seclevel”,1,1

UC20_SSL_AT_Commands_Manual

Confidential / Released

20 / 24

UMTS/HSPA Module Series
UC20 SSL AT Commands Manual

OK
AT+QSSLCFG=“cacert”,1,“UFS:cacert.pem”
OK

3.3. SSL Client Works in Buffer Access Mode

3.3.1. Set up a SSL Connection and Enter into Buffer Access Mode

l
e
t
l
c
a
i
e
t
u
n
Q fide
n
o
C

AT+QSSLOPEN=2,1,4,"220.180.239.201",8010,0
OK
+QSSLOPEN: 4,0

//Set up SSL connection successfully

AT+QSSLSTATE
//Query status of all SSL connections
+QSSLSTATE: 4,"SSLClient","220.180.239.201",8010,0,2,2,0,0,"usbmodem",1
OK

3.3.2. Send Data in Buffer Access Mode
AT+QSSLSEND=4
> Test data from SSL

SEND OK

AT+QSSLSEND=4,18
> Test data from SSL
SEND OK

//Send changeable length data.

//Send fixed length data and the data length is 18

3.3.3. Receive Data in Buffer Access Mode
+QSSLURC: “recv”,4

//The  4 received data.

AT+QSSLRECV=4,1500
+QSSLRECV: 18
Test data from SSL

//Read data, the length is 1500
//The actual received data length is 18

OK

UC20_SSL_AT_Commands_Manual

Confidential / Released

21 / 24

UMTS/HSPA Module Series
UC20 SSL AT Commands Manual

AT+QSSLRECV=4,1500
+QSSLRECV: 0

//No Data in buffer

OK

3.3.4. Close SSL Connection
AT+QSSLCLOSE=4

OK

//Close a connection whose  is 4. Depending on the
Network, the maximum response time is 10s

l
e
t
l
c
a
i
e
t
u
n
Q fide
n
o
C

3.4. SSL Client Works in Direct Push Mode

3.4.1. Set up a SSL Connection and Enter into Direct Push Mode
AT+QSSLOPEN= 2,1,4,"220.180.239.201",8011,1
OK
+QSSLOPEN: 4,0

//Set up SSL connection successfully

AT+QSSLSTATE
//Query status of all SSL connections
+QSSLSTATE: 4,"SSLClient","220.180.239.201",8011,0,2,2,0,1,"usbmodem",1
OK

3.4.2. Send Data in Direct Push Mode
AT+QSSLSEND=4
>Test data from SSL

SEND OK

//Send changeable length data

AT+QSSLSEND=4,18
>Test data from SSL
SEND OK

//Send fixed length data and the data length is 18

UC20_SSL_AT_Commands_Manual

Confidential / Released

22 / 24

UMTS/HSPA Module Series
UC20 SSL AT Commands Manual

3.4.3. Receive Data in Direct Push Mode
+QSSLURC: "recv",4,18
Test data from SSL

3.4.4. Close SSL Connection
AT+QSSLCLOSE=4
OK

//Close a connection whose  is 4. Depending on the Network,
the maximum response time is 10s

l
e
t
l
c
a
i
e
t
u
n
Q fide
n
o
C

3.5. SSL Client Works in Transparent Access Mode

3.5.1. Set up a SSL Connection and Send Data in Transparent Access Mode

AT+QSSLOPEN= 2,1,4,"220.180.239.201",8011,2 //Set up a SSL connection
CONNECT
//Enter into transparent access mode
//Client is sending data from COM port to internet directly. (The data is
not visible in example)
OK
//Use “+++” or DTR (AT&D1 should be set) to exit from transparent
access mode, the “NO CARRIER” result code indicates that the
server stops the SSL connection

3.5.2. Set up a SSL Connection and Receive Data in Transparent Access Mode

AT+QSSLOPEN= 2,1,4,"220.180.239.201",8011,2 //Set up a SSL connection
CONNECT

//Client is reading data
OK
//Use “+++” or DTR (AT&D1 should be set) to exit from transparent
access mode, the “NO CARRIER” result code indicates that the server
stops the SSL connection

3.5.3. Close SSL Connection
AT+QSSLCLOSE=4

//Close a connection whose  is 4. Depending on the Network,
the maximum response time is 10s

OK

UC20_SSL_AT_Commands_Manual

Confidential / Released

23 / 24

UMTS/HSPA Module Series
UC20 SSL AT Commands Manual

4

Appendix A Reference

Table 3: Related Documents
SN

l
e
t
l
c
a
i
e
t
u
n
Q fide
n
o
C

Document Name

Remark

[1]

GSM 07.07

Digital cellular telecommunications (Phase 2+);
AT command set for GSM Mobile Equipment
(ME)

[2]

GSM 07.10

Support GSM 07.10 multiplexing protocol

[3]

UC20_TCPIP_AT_Commands_Manual

TCPIP AT commands manual

Table 4: Terms and Abbreviations
Abbreviation

Description

SSL

Security Socket Layer

DTR
DNS
PDP

UC20_SSL_AT_Commands_Manual

Data Terminal Ready

Domain Name Server
Packet Data Protocol

Confidential / Released

24 / 24



---

Source Exif Data:

File Type                       : PDF
File Type Extension             : pdf
MIME Type                       : application/pdf
PDF Version                     : 1.5
Linearized                      : No
XMP Toolkit                     : 3.1-701
Create Date                     : 2013:12:25 16:57+08:00
Creator Tool                    : Microsoft® Word 2010
Modify Date                     : 2013:12:25 17:01:42+08:00
Metadata Date                   : 2013:12:25 17:01:42+08:00
Producer                        : Microsoft® Word 2010
Format                          : application/pdf
Document ID                     : uuid:f1a92d17-0b58-4e45-9178-a3f005d5a96b
Instance ID                     : uuid:ddfc2bac-2dc6-4843-a5b5-777dab7923ea
Page Count                      : 25
Language                        : zh-CN
Creator                         : Microsoft® Word 2010

EXIF Metadata provided by EXIF.tools