Secure IoT Data Transmission with SIMCom A7670E LTE over HTTPS/TLS

Onyeka EkwunifeOnyeka Ekwunife
3 min read

Table of contents

Why Security Matters in IoT

The Internet of Things (IoT) connects everyday devices like sensors and machines to the internet, enabling them to send data, report issues, and receive commands in real-time. This is used in industries like agriculture, healthcare, manufacturing, and energy.

But just like people can eavesdrop on an open conversation, hackers can intercept unprotected data if it is sent without encryption. That’s where HTTPS (Hypertext Transfer Protocol Secure) comes in, it protects communication between IoT devices and cloud servers using TLS (Transport Layer Security).

Using HTTPS helps to:

  • Protect data from being intercepted

  • Prevent fake or malicious servers from tricking your device (man-in-the-middle attacks)

  • Ensure the data is not changed during transfer

In this guide, we’ll show you how to use the SIMCom A7670E LTE module to safely send data to a server (like https://www.google.com) using HTTPS with TLS.

Step 1: Basic AT Commands for A7670E Setup

Before anything else, we need to make sure the A7670E module is powered and responding.

AT               // Check if module is responsive
AT+CSQ           // Check signal quality
AT+CGDCONT=1,"IP","internet.ng.airtel.com"   // Set your network APN
AT+NETOPEN       // Open the network

You should get OK responses if everything is working properly.

Step 2: Download the Server Certificate

To enable HTTPS, the module must trust the server. We need to get the server's TLS certificate and upload it.

Get the certificate:

Use this command on your computer to fetch Google's TLS certificate:

openssl s_client -connect google.com:443 -showcerts

Upload certificate to A7670E:

Let’s assume the certificate file is 1351 bytes in size: Send the below command, then the module will return >, immediately send the cacert

AT+CCERTDOWN="cacert.pem",1351

After uploading:

AT+CCERTLIST

You should see something like:

+CCERTLIST: "cacert.pem"
OK

Step 3: Configure SSL/TLS

Next, set the module to use TLS and the certificate using the commands below:

AT+CSSLCFG="sslversion",0,4          // Use TLS v1.2
AT+CSSLCFG="authmode",0,1            // Enable server authentication
AT+CSSLCFG="cacert",0,"cacert.pem"   // Use uploaded certificate
AT+CCHSET=1                          // Set connection mode
AT+CCHSTART                          // Start HTTPS engine
AT+CCHSSLCFG=0,0                     // Use SSL config ID 0 for socket 0

Step 4: Connect and Send HTTPS Request

Now, let’s connect to the secure server (HTTPS over port 443):

AT+CCHOPEN=0,"google.com",443,2

If successful, you’ll get:

OK
+CCHOPEN: 0,0

Now you can use AT+CCHSEND to send a GET, POST, PUT, or DELETE HTTP request as shown below:

AT+CCHSEND=0,<request length>

Then followed by the request proper on receiving >:

"GET / HTTP/1.1\r\n"
"Host: google.com\r\n"
"User-Agent: A7670E\r\n"
"Connection: close\r\n\r\n"

Conclusion

In today’s world, secure communication is a must for all IoT systems. Sending data without protection is risky. Using HTTPS with TLS ensures:

  • Your data is encrypted

  • You’re really connected to the correct server

  • Nobody tampers with the information

*** In next post, I will show how to perform GET and POST with STM32 and A7670E using Supabase

3
Subscribe to my newsletter

Read articles from Onyeka Ekwunife directly inside your inbox. Subscribe to the newsletter, and don't miss out.

embedded systemsTLSSSLiotIIoT Google

Written by

Onyeka Ekwunife
Onyeka Ekwunife

Embedded System | IoT | devOps