MCU that is capable of running a webserver with HTTPS, over wired ethernet

[lk]

Greetings,
I have some equipment that i need to remotely power control, and i would like to "design" a device that can do this for me. Its no big deal to do if i could get away with just HTTP. This i can be done with an arduino and a W5500.
Wired is needed, as there is no wireless at the spot where, i need to put up the device. If i had access to WiFi a esp8266 would do the job just fine.

In principle the type/brand of micro controller does not matter, however im not capable of writing any of the stacks that are needed. Ideally something that could be made to work from within the Arduino ide, or perhaps Mikroeletronica's C compilers would be fine aswell.

I dont want to use a SBC for this, i dont want to deal with the full overhead of an OS to run and patch.

So to make a list of what i would like to see.

1. MCU with wired ethernet through W5500 or similar is great
2. Webserver with HTTPS or SSH connection would be a good alternative
3. Programmable with the Arduino IDE, including sample HTTPS webserver/ssh servers would be ideal, so i only really have to deal with the hardware.

I cant possible be the only one with this need, or are systems like this done using SBS nowadays. Regular arduinos are not fast enough or have enough memory to deal with the encryption.


-lasse

[sokoloff]

I’ll answer your direct question, then give commentary/advice:
ESP32 can do what you want (it supports the Ethernet PHY, though most dev boards don’t have one).

If you’re looking to learn and entertain yourself, that’s a good path.
If you’re looking to solve the problem and move on with your life, buy a commercial (even if second hand) rack power controller. Failing that, use a cheap SBC with Ethernet PHY already present.

Except for educational value or to compete directly in the space, I see no need to design/build/debug something that I can readily and affordable buy in the market. When I want bacon and eggs, I start in the supermarket, not by buying a pig and chickens...

[MasterBuilder]

If you dont mind stepping outside the Arduino world, here is a suitable PIC part. There is no driver coding required here, follow the example in the harmony framework, tick the suitable boxes for the TCP/IP options and concentrate on developing the HTTP side of the project. This is all freely available and well documented from the Microchip website.

The PIC part and development kit:
https://www.microchip.com/DevelopmentTools/ProductDetails/DM320004-2
In my experience it works reasonably well.

[InterestedTom]

https://www.arduino.cc/en/Main/Products

Maybe the Arduino Yun or Arduino Ethernet would do the job? Or is the W5100 not good enough for HTTPS?

[lk]

Thank you sokoloff,

Im looking to learn, but i still wanted to keep it within a reasonable scope, i need to avoid what we in denmark call "Knobskyding", basically feature creep
I did not think to look at the esp32, but that might work.

In my experience, rather than buying a stock option, i would rather like another tool, to give me options in the future, to reuse

-lasse

I’ll answer your direct question, then give commentary/advice:
ESP32 can do what you want (it supports the Ethernet PHY, though most dev boards don’t have one).

If you’re looking to learn and entertain yourself, that’s a good path.
If you’re looking to solve the problem and move on with your life, buy a commercial (even if second hand) rack power controller. Failing that, use a cheap SBC with Ethernet PHY already present.

Except for educational value or to compete directly in the space, I see no need to design/build/debug something that I can readily and affordable buy in the market. When I want bacon and eggs, I start in the supermarket, not by buying a pig and chickens...

[capt bullshot]

A 22 EUR STM32 nucleo 144 board (STM32F4 / STM32F7) with ethernet on board.
You get free IDE / compilers and free libraries to handle the SSL / http stuff.
And the STM32F7 has enough Flash / RAM / CPU speed.
Beware of the learning curve, most of the time the provided SW doesn't work as expected on the first try, or has an obscure api for someone that is used to BSD style sockets.

[lk]

Thank you MasterBuilder,

I the architecture does not really matter, so PIC32 is good, however i cant find any references in the Microchip TCP/IP Stack to TLS or HTTPS(not that these things necessarily have anything to do with the TCPIP stack) , and i don't have the competences to add this myself.

-lasse

If you dont mind stepping outside the Arduino world, here is a suitable PIC part. There is no driver coding required here, follow the example in the harmony framework, tick the suitable boxes for the TCP/IP options and concentrate on developing the HTTP side of the project. This is all freely available and well documented from the Microchip website.

The PIC part and development kit:
https://www.microchip.com/DevelopmentTools/ProductDetails/DM320004-2
In my experience it works reasonably well.

[lk]

Thank Cpat Bullshot,

this looks promising, let me look at the STM boards

-lasse

[jbb]

TLS is nice, but does require some care.
1- you’ll need approx 40kB RAM (16 kB rx buffer, 16 kB tx buffer, some kB stack) for TLS. Buffers or less than 16kB can cause compatibility issues (e.g. may not work with your browser)
2- you’ll need a digital certificate for your server. This means you need to look at Certification Authorities (CAs). Some research required.
3- TLS without a server certificate is useless, because it can’t prevent a man in the middle attack

Possible TLS libraries: FreeRTOS TLS, MBED TLS, maybe TinyCrypt

How many units are you making?

The Zentri WIFi modules may be worth a look. They include HTTPS server functionality (you still need to worry about certificates!) and can host your own C code. You compile it in along with their libraries and OS.

[Phoenix]

Might also consider the TI MSP432 ethernet version. Dev board comes with the ethernet connector already - quite similar to the STM32.
http://www.ti.com/tool/MSP-EXP432E401Y

Apparently it uses LwIP stack. I find it's usually easy to setup TI micros examples when I can use their IDE and their compiler and TI-RTOS (TI fanboy). I can't vouch for this specific product though.

[Kjelt]

Since you require TLS does this mean this device is connected to the internet?
If so, all uC bets are off and you do need an SBC with OS and webserver software all maintained and regularly automatically updated with security patches.

[NivagSwerdna]

I have a couple of W5500 and enc28j60 in my parts box.  The intent was to wire them up to a PIC24 but I have never quite got around to it.

The simplest solution (which was used at my local hackspace for door access control) is a TI Launchpad?

https://store.ti.com/MSP-EXP432E401Y-SimpleLink-Ethernet-MSP432E401Y-MCU-LaunchPad-Development-Kit-P53200.aspx

Look at the price... total bargain for a one-off project

Or do you have other requirements... PoE? etc

[Reading thread a bit closer I see this has already been suggested... Great minds...]

[bson]

I'm curious why you need TLS?  Not suggesting you shouldn't use it, I'm just genuinely curious what your use case is.

[tpowell1830]

If you are just looking for something real cheap, a Raspberry Pi will do the job. I realize you said no full fledged OS, but it doesn't get simpler than RasPI.

Hope this helps...