Azure HTTPS connections from SIMCOM cellular modem stopped working

Question

Azure HTTPS connections from SIMCOM cellular modem stopped working

Simon Exelby 5

Modem responds with error code 15 - had been working fine for several years until 28 March this year.

Quectel modems still connect OK.

Any ideas?

Manas Mohanty 5,700 Reputation points Microsoft External Staff Moderator

2025-04-02T06:23:52.9266667+00:00

Hi Simon Exelby

We are still waiting for your inputs. Hope the pointers shared has been useful to you.

Please let us know if you have any follow up queries.

Thank you.
Manas Mohanty 5,700 Reputation points Microsoft External Staff Moderator

2025-04-03T08:11:27.4+00:00

Hi Simon Exelby

We have not heard from you. Hope the pointers were useful to you.

Thank you.
DJ 50 Reputation points

2025-04-04T04:47:19.2166667+00:00

Hi I am having the same issue a maintenance upgrade happened on 31st March that caused this. Please see my other post my devices have been working till this with no issue. The problem seems to start after the maintenance in West Europe
DJ 50 Reputation points

2025-04-04T04:50:37.48+00:00

@Simon Exelby iam using Quectel devices . Have you managed to solve your issue
DJ 50 Reputation points

2025-04-05T15:47:33.2133333+00:00

Ok If AT+CSSLCFG="sslversion",0,4 so it enables all settings, would that cause any compatibility issues all of a sudden?
Manas Mohanty 5,700 Reputation points Microsoft External Staff Moderator

2025-04-07T04:12:04.2233333+00:00

Hi DJ

AT+CSSLCFG="sslversion",0,4 will unlock TLS 1.3. So, it might bring incompatibility issue.

Recommended version is TLS 1.2, Please use AT+CSSLCFG="sslversion",0,3

Thank you.
DJ 50 Reputation points

2025-04-07T07:17:40.9033333+00:00

@Manas Mohanty we can not access the device to make these changes. Also is not a concern if the server is set to TLS 1.3 and it can be bypassed?
Aaron Houghton 16 Reputation points

2025-04-09T07:49:37.3833333+00:00

We have the same issue using SIMCom 7600G modules and Azure app service (UK South). Our customers have thousands of modules out in the field which we dont have access to.

We are making https POST requests to Azure app service.

Communication appeared to stop on the 27/03 approx 10pm GMT.

We have identified if we force the module to use TLS 1.2 it begins to work. Unfortunately we cant do this to modules already in the field.
DJ 50 Reputation points

2025-04-09T08:39:30.9066667+00:00

@Aaron Houghton

Yes there is some TLS hand shake issue, i hope Microsoft Azure @Manas Mohanty solve this ASAP, as its urgent
Manas Mohanty 5,700 Reputation points Microsoft External Staff Moderator

2025-04-09T08:48:10.94+00:00

Hi DJ

We have escalated the other case you tagged to product team already. Informed App service team to look into it.

Please stay tuned on this case for update.

Thank you.
DJ 50 Reputation points

2025-04-09T09:40:27.9766667+00:00

@Manas MohantyThanks

It seems the request is not reaching the App service , so some stage prior to that its failing.

In addition to this we have noticed that if we force the function app to TLS 1.0 or 1.1, this also effect modems connecting to it.
DJ 50 Reputation points

2025-04-10T06:48:26.53+00:00

@Manas Mohanty Has there been any update from the product team?
Manas Mohanty 5,700 Reputation points Microsoft External Staff Moderator

2025-04-10T08:57:34.2566667+00:00

Hi DJ and Aaron Houghton •

TLS 1.0 and 1.1 are getting depreciate by Aug 31st.

https://azure.microsoft.com/en-us/updates?id=update-retirement-tls1-0-tls1-1-versions-azure-services

We can leverage Python SDK to update TLS version for all modem with AT command as payload

'AT+CSSLCFG="sslversion",0,3'

Please test with small number of devices for effect before rolling out for all devices.

Thank you.
DJ 50 Reputation points

2025-04-10T09:59:53.8766667+00:00

@Manas Mohanty

Yes, all new devices will only have SSL 0,3 enabled. But the issue is with the existing devices in the field, and it's still not 31 August.

The Azure Service change should not affect App Service according to:

https://learn.microsoft.com/en-us/azure/app-service/overview-tls

Note The retirement of TLS 1.1 and TLS 1.0 on Azure services doesn't affect applications running on Azure App Service, Azure Functions, or Azure Logic Apps (Standard). Applications on App Service, Azure Functions, or Logic Apps (Standard) that are configured to accept TLS 1.1 or TLS 1.0 for incoming requests continue to run unaffected.

The issue is clearly a handshake issue. Any update from product team from your side?
Manas Mohanty 5,700 Reputation points Microsoft External Staff Moderator

2025-04-10T10:29:19.3933333+00:00

Hi DJ

We have not received any update on the ticket escalated to PG.

will review with our FTE and get back to you.

Thank you.

Aaron Houghton 16

Our devices connect to a VM via a socket and automatically use TLS 1.2 fine WITHOUT having to set 'AT+CSSLCFG="sslversion",0,3' as below:

Apr 08 10:55:39 videxVM dotnet-gsm-socket[409105]: CLIENT CONNECTED! TLS 1.2 Port:6001 [148.252.145.144:5364]
Apr 08 10:55:39 videxVM dotnet-gsm-socket[409105]: Cipher: Aes256 strength 256
Apr 08 10:55:39 videxVM dotnet-gsm-socket[409105]: Hash: None strength 0
Apr 08 10:55:39 videxVM dotnet-gsm-socket[409105]: Key exchange: DiffieHellman strength 0
Apr 08 10:55:39 videxVM dotnet-gsm-socket[409105]: Protocol: Tls12
Apr 08 10:55:39 videxVM dotnet-gsm-socket[409105]: Is authenticated: True as server? True
Apr 08 10:55:39 videxVM dotnet-gsm-socket[409105]: IsSigned: True
Apr 08 10:55:39 videxVM dotnet-gsm-socket[409105]: Is Encrypted: True
Apr 08 10:55:39 videxVM dotnet-gsm-socket[409105]: Certificate revocation list checked: False
Apr 08 10:55:39 videxVM dotnet-gsm-socket[409105]: Local cert was issued to CN=*****, O=****, S=*****, C=**** and is valid from 03/27/2024 13:49:53 until 06/13/2032 13:49:53.
Apr 08 10:55:39 videxVM dotnet-gsm-socket[409105]: Remote certificate is null.
Apr 08 10:55:39 videxVM dotnet-gsm-socket[409105]: Can read: True, write True
Apr 08 10:55:39 videxVM dotnet-gsm-socket[409105]: Can timeout: True

There is something a miss with the azure app service.

Aaron Houghton 16 Reputation points

2025-04-14T09:19:20.5+00:00

@Manas Mohanty I have been communicating with DJ and his devices have started working again.

The difference being he uses Azure functions, and we use app service. He opened a ticket and had a dedicated engineer. Do you have any information regarding a fix being implemented locally for his setup? and will a fix be rolled out globally?

Regards

Aaron
LeelaRajeshSayana-MSFT 17,766 Reputation points Moderator

2025-04-14T19:30:36.7533333+00:00

@Aaron Houghton I am checking to see if we can get more details on what the proposed fix is to resolve his issue. I will share more details on this thread once I find the potential solution.
Aaron Houghton 16 Reputation points

2025-04-16T13:17:40.2033333+00:00

Thanks @LeelaRajeshSayana-MSFT

Any updates please?
LeelaRajeshSayana-MSFT 17,766 Reputation points Moderator

2025-04-16T23:21:41.4766667+00:00

@Aaron Houghton Can you let us know your App service name to investigate the platform logs from the backend.
LeelaRajeshSayana-MSFT 17,766 Reputation points Moderator

2025-04-17T22:22:27.1366667+00:00

@Simon Exelby @Aaron Houghton Can you validate and confirm if you are still encountering this issue?

@Aaron Houghton If you still need assistance, can you please open a new thread so we can engage in private comments.

The issue with Function App arised due to a change with TLS handshake logic to reject requests which do not meet the MinTlsVersion requirement. This change was done to improve telemetry on the portal end and save some CPU cycles for extra processing of the handshake. However, in doing so, inadvertently, there was an exposed bug in the framework we use to parse TLS handshakes related to SSLv3.0 Unified Client Hello. This change has been reverted and added extra regression testing to ensure we do not regress again.
DJ 50 Reputation points

2025-04-18T08:41:58.05+00:00

@LeelaRajeshSayana-MSFT

Thanks, we are back to normal now. But can you check that this same issue does not arise on IoTHub and Blob storage, as there is going to be some TLS updates in August.
Manas Mohanty 5,700 Reputation points Microsoft External Staff Moderator

2025-04-18T13:01:41.1033333+00:00

Hi Simon Exelby and DJ

Have updated above information from LeelaRajeshSayana-MSFT

The issue with Function App arised due to a change with TLS handshake logic to reject requests which do not meet the MinTlsVersion requirement. This change was done to improve telemetry on the portal end and save some CPU cycles for extra processing of the handshake. However, in doing so, inadvertently, there was an exposed bug in the framework we use to parse TLS handshakes related to SSLv3.0 Unified Client Hello. This change has been reverted and added extra regression testing to ensure we do not regress again.

It seems the suggestion on updating TLS version was correct

Thank you.
DJ 50 Reputation points

2025-04-18T13:30:41.6666667+00:00

@Manas Mohanty

Yes, it is working, but how can we ensure this same issue does not happen again or affect other resources?
Manas Mohanty 5,700 Reputation points Microsoft External Staff Moderator

2025-04-21T14:40:59.8266667+00:00

Hi DJ

I guess, we have to roll updates Minimum TLS version TLS 1.2 for IOT hub.

If the devices are connected as Device groups, probably we can send OTA (over the air) update from Device update section.

Note: Azure IoT Hub will end support for TLS 1.0 and 1.1 in alignment with the Azure wide service announcement for TLS 1.0 and 1.1 retirement on August 31, 2025.

https://learn.microsoft.com/en-us/azure/iot-hub/iot-hub-tls-support

Thank you.
DJ 50 Reputation points

2025-04-21T15:38:53.62+00:00

@Manas Mohanty

The issue was TLS handshake not being implemented on the server side correctly.

https://github.com/Azure/Azure-Functions/issues/2592#issuecomment-2816242138

I am aware of the TLS update to 1.2, which my device supports along with all previous versions.

What we would like to know is , if this bug that was outlined, is not implemented In IOT Hub updates.
Aaron Houghton 16 Reputation points

2025-04-22T12:49:32.6933333+00:00

@LeelaRajeshSayana-MSFT Thanks for the update. We ended up paying for premium support and raised a ticket / spoke with an engineer. Approval was given for tech support to engage with the Product Team yesterday and we are expecting more information by the end of wednesday. It has been confirmed as a TLS handshake error / selection of cipher suite. All our devices support TLS 1.2 and it sounds like a similar issue affecting our App Service situation to what has happened on Azure Functions.
dxxx0001 0 Reputation points

2025-04-24T15:28:04.0666667+00:00

@Manas Mohanty

We are having exactly the same issue with our Quectel Modem BG96 which uses SSL/TLS Auto Mode( which supports SSL 3.0, TLS 1.0, TLS 1.1 and TLS 1.2) to do TLS Handshake and it fails to connect to our Web App on Azure IoT Hub. We already have ticket open since end of March 2025. No satisfactory response we have received yet. We have thousands of device on field which cant connect to server and hence cant chnage TLS mode for TLS 1.2 fixed.
Aaron Houghton 16 Reputation points

2025-04-25T07:16:30.97+00:00

Our devices started communicating again 23/04 approx 10pm GMT. Support confirmed they had fixed a bug on App Service which was the same bug that was fixed recently on Functions.

1 answer

Your answer

Manas Mohanty 5,700 Reputation points Microsoft External Staff Moderator

2025-04-02T06:23:52.9266667+00:00

Hi Simon Exelby

We are still waiting for your inputs. Hope the pointers shared has been useful to you.

Please let us know if you have any follow up queries.

Thank you.
Manas Mohanty 5,700 Reputation points Microsoft External Staff Moderator

2025-04-03T08:11:27.4+00:00

Hi Simon Exelby

We have not heard from you. Hope the pointers were useful to you.

Thank you.
DJ 50 Reputation points

2025-04-04T04:47:19.2166667+00:00

Hi I am having the same issue a maintenance upgrade happened on 31st March that caused this. Please see my other post my devices have been working till this with no issue. The problem seems to start after the maintenance in West Europe
DJ 50 Reputation points

2025-04-04T04:50:37.48+00:00

@Simon Exelby iam using Quectel devices . Have you managed to solve your issue
DJ 50 Reputation points

2025-04-05T15:47:33.2133333+00:00

Ok If AT+CSSLCFG="sslversion",0,4 so it enables all settings, would that cause any compatibility issues all of a sudden?
Manas Mohanty 5,700 Reputation points Microsoft External Staff Moderator

2025-04-07T04:12:04.2233333+00:00

Hi DJ

AT+CSSLCFG="sslversion",0,4 will unlock TLS 1.3. So, it might bring incompatibility issue.

Recommended version is TLS 1.2, Please use AT+CSSLCFG="sslversion",0,3

Thank you.
DJ 50 Reputation points

2025-04-07T07:17:40.9033333+00:00

@Manas Mohanty we can not access the device to make these changes. Also is not a concern if the server is set to TLS 1.3 and it can be bypassed?
Aaron Houghton 16 Reputation points

2025-04-09T07:49:37.3833333+00:00

We have the same issue using SIMCom 7600G modules and Azure app service (UK South). Our customers have thousands of modules out in the field which we dont have access to.

We are making https POST requests to Azure app service.

Communication appeared to stop on the 27/03 approx 10pm GMT.

We have identified if we force the module to use TLS 1.2 it begins to work. Unfortunately we cant do this to modules already in the field.
DJ 50 Reputation points

2025-04-09T08:39:30.9066667+00:00

@Aaron Houghton

Yes there is some TLS hand shake issue, i hope Microsoft Azure @Manas Mohanty solve this ASAP, as its urgent
Manas Mohanty 5,700 Reputation points Microsoft External Staff Moderator

2025-04-09T08:48:10.94+00:00

Hi DJ

We have escalated the other case you tagged to product team already. Informed App service team to look into it.

Please stay tuned on this case for update.

Thank you.
DJ 50 Reputation points

2025-04-09T09:40:27.9766667+00:00

@Manas MohantyThanks

It seems the request is not reaching the App service , so some stage prior to that its failing.

In addition to this we have noticed that if we force the function app to TLS 1.0 or 1.1, this also effect modems connecting to it.
DJ 50 Reputation points

2025-04-10T06:48:26.53+00:00

@Manas Mohanty Has there been any update from the product team?
Manas Mohanty 5,700 Reputation points Microsoft External Staff Moderator

2025-04-10T08:57:34.2566667+00:00

Hi DJ and Aaron Houghton •

TLS 1.0 and 1.1 are getting depreciate by Aug 31st.

https://azure.microsoft.com/en-us/updates?id=update-retirement-tls1-0-tls1-1-versions-azure-services

We can leverage Python SDK to update TLS version for all modem with AT command as payload

'AT+CSSLCFG="sslversion",0,3'

Please test with small number of devices for effect before rolling out for all devices.

Thank you.
DJ 50 Reputation points

2025-04-10T09:59:53.8766667+00:00

@Manas Mohanty

Yes, all new devices will only have SSL 0,3 enabled. But the issue is with the existing devices in the field, and it's still not 31 August.

The Azure Service change should not affect App Service according to:

https://learn.microsoft.com/en-us/azure/app-service/overview-tls

Note The retirement of TLS 1.1 and TLS 1.0 on Azure services doesn't affect applications running on Azure App Service, Azure Functions, or Azure Logic Apps (Standard). Applications on App Service, Azure Functions, or Logic Apps (Standard) that are configured to accept TLS 1.1 or TLS 1.0 for incoming requests continue to run unaffected.

The issue is clearly a handshake issue. Any update from product team from your side?
Manas Mohanty 5,700 Reputation points Microsoft External Staff Moderator

2025-04-10T10:29:19.3933333+00:00

Hi DJ

We have not received any update on the ticket escalated to PG.

will review with our FTE and get back to you.

Thank you.
Aaron Houghton 16 Reputation points

2025-04-10T10:44:03.5866667+00:00

Our devices connect to a VM via a socket and automatically use TLS 1.2 fine WITHOUT having to set 'AT+CSSLCFG="sslversion",0,3' as below:

Apr 08 10:55:39 videxVM dotnet-gsm-socket[409105]: CLIENT CONNECTED! TLS 1.2 Port:6001 [148.252.145.144:5364] Apr 08 10:55:39 videxVM dotnet-gsm-socket[409105]: Cipher: Aes256 strength 256 Apr 08 10:55:39 videxVM dotnet-gsm-socket[409105]: Hash: None strength 0 Apr 08 10:55:39 videxVM dotnet-gsm-socket[409105]: Key exchange: DiffieHellman strength 0 Apr 08 10:55:39 videxVM dotnet-gsm-socket[409105]: Protocol: Tls12 Apr 08 10:55:39 videxVM dotnet-gsm-socket[409105]: Is authenticated: True as server? True Apr 08 10:55:39 videxVM dotnet-gsm-socket[409105]: IsSigned: True Apr 08 10:55:39 videxVM dotnet-gsm-socket[409105]: Is Encrypted: True Apr 08 10:55:39 videxVM dotnet-gsm-socket[409105]: Certificate revocation list checked: False Apr 08 10:55:39 videxVM dotnet-gsm-socket[409105]: Local cert was issued to CN=*****, O=****, S=*****, C=**** and is valid from 03/27/2024 13:49:53 until 06/13/2032 13:49:53. Apr 08 10:55:39 videxVM dotnet-gsm-socket[409105]: Remote certificate is null. Apr 08 10:55:39 videxVM dotnet-gsm-socket[409105]: Can read: True, write True Apr 08 10:55:39 videxVM dotnet-gsm-socket[409105]: Can timeout: True

There is something a miss with the azure app service.
Aaron Houghton 16 Reputation points

2025-04-14T09:19:20.5+00:00

@Manas Mohanty I have been communicating with DJ and his devices have started working again.

The difference being he uses Azure functions, and we use app service. He opened a ticket and had a dedicated engineer. Do you have any information regarding a fix being implemented locally for his setup? and will a fix be rolled out globally?

Regards

Aaron
LeelaRajeshSayana-MSFT 17,766 Reputation points Moderator

2025-04-14T19:30:36.7533333+00:00

@Aaron Houghton I am checking to see if we can get more details on what the proposed fix is to resolve his issue. I will share more details on this thread once I find the potential solution.
Aaron Houghton 16 Reputation points

2025-04-16T13:17:40.2033333+00:00

Thanks @LeelaRajeshSayana-MSFT

Any updates please?
LeelaRajeshSayana-MSFT 17,766 Reputation points Moderator

2025-04-16T23:21:41.4766667+00:00

@Aaron Houghton Can you let us know your App service name to investigate the platform logs from the backend.
LeelaRajeshSayana-MSFT 17,766 Reputation points Moderator

2025-04-17T22:22:27.1366667+00:00

@Simon Exelby @Aaron Houghton Can you validate and confirm if you are still encountering this issue?

@Aaron Houghton If you still need assistance, can you please open a new thread so we can engage in private comments.

The issue with Function App arised due to a change with TLS handshake logic to reject requests which do not meet the MinTlsVersion requirement. This change was done to improve telemetry on the portal end and save some CPU cycles for extra processing of the handshake. However, in doing so, inadvertently, there was an exposed bug in the framework we use to parse TLS handshakes related to SSLv3.0 Unified Client Hello. This change has been reverted and added extra regression testing to ensure we do not regress again.
DJ 50 Reputation points

2025-04-18T08:41:58.05+00:00

@LeelaRajeshSayana-MSFT

Thanks, we are back to normal now. But can you check that this same issue does not arise on IoTHub and Blob storage, as there is going to be some TLS updates in August.
Manas Mohanty 5,700 Reputation points Microsoft External Staff Moderator

2025-04-18T13:01:41.1033333+00:00

Hi Simon Exelby and DJ

Have updated above information from LeelaRajeshSayana-MSFT

The issue with Function App arised due to a change with TLS handshake logic to reject requests which do not meet the MinTlsVersion requirement. This change was done to improve telemetry on the portal end and save some CPU cycles for extra processing of the handshake. However, in doing so, inadvertently, there was an exposed bug in the framework we use to parse TLS handshakes related to SSLv3.0 Unified Client Hello. This change has been reverted and added extra regression testing to ensure we do not regress again.

It seems the suggestion on updating TLS version was correct

Thank you.
DJ 50 Reputation points

2025-04-18T13:30:41.6666667+00:00

@Manas Mohanty

Yes, it is working, but how can we ensure this same issue does not happen again or affect other resources?
Manas Mohanty 5,700 Reputation points Microsoft External Staff Moderator

2025-04-21T14:40:59.8266667+00:00

Hi DJ

I guess, we have to roll updates Minimum TLS version TLS 1.2 for IOT hub.

If the devices are connected as Device groups, probably we can send OTA (over the air) update from Device update section.

Note: Azure IoT Hub will end support for TLS 1.0 and 1.1 in alignment with the Azure wide service announcement for TLS 1.0 and 1.1 retirement on August 31, 2025.

https://learn.microsoft.com/en-us/azure/iot-hub/iot-hub-tls-support

Thank you.
DJ 50 Reputation points

2025-04-21T15:38:53.62+00:00

@Manas Mohanty

The issue was TLS handshake not being implemented on the server side correctly.

https://github.com/Azure/Azure-Functions/issues/2592#issuecomment-2816242138

I am aware of the TLS update to 1.2, which my device supports along with all previous versions.

What we would like to know is , if this bug that was outlined, is not implemented In IOT Hub updates.
Aaron Houghton 16 Reputation points

2025-04-22T12:49:32.6933333+00:00

@LeelaRajeshSayana-MSFT Thanks for the update. We ended up paying for premium support and raised a ticket / spoke with an engineer. Approval was given for tech support to engage with the Product Team yesterday and we are expecting more information by the end of wednesday. It has been confirmed as a TLS handshake error / selection of cipher suite. All our devices support TLS 1.2 and it sounds like a similar issue affecting our App Service situation to what has happened on Azure Functions.
dxxx0001 0 Reputation points

2025-04-24T15:28:04.0666667+00:00

@Manas Mohanty

We are having exactly the same issue with our Quectel Modem BG96 which uses SSL/TLS Auto Mode( which supports SSL 3.0, TLS 1.0, TLS 1.1 and TLS 1.2) to do TLS Handshake and it fails to connect to our Web App on Azure IoT Hub. We already have ticket open since end of March 2025. No satisfactory response we have received yet. We have thousands of device on field which cant connect to server and hence cant chnage TLS mode for TLS 1.2 fixed.
Aaron Houghton 16 Reputation points

2025-04-25T07:16:30.97+00:00

Our devices started communicating again 23/04 approx 10pm GMT. Support confirmed they had fixed a bug on App Service which was the same bug that was fixed recently on Functions.

Answer 1

Hi Simon Exelby

Could you share the full error description on error 15 along the reference document.

Error 15 seems to be handshake issue as per SIMCOM manual .

Here are proposed Steps to Fix Handshake Error with SIMCOM Modems:

Check SSL/TLS Configuration:

Ensure that the SSL/TLS version configured on the modem matches the version supported by Azure. You can use the AT+CSSLCFG="sslversion",<context_id>,<version> command to set the SSL version. For example, to set it to TLS 1.2, you would use AT+CSSLCFG="sslversion",0,3.

Verify Certificates:

Make sure that the correct certificates are downloaded and installed on the modem. Use the AT+CCERTDOWN command to download the certificate and AT+CCERTLIST to list the installed certificates. Ensure that the root CA certificate used by Azure is present on the modem.

Set Authentication Mode:

Configure the authentication mode using the AT+CSSLCFG="authmode",<context_id>,<mode> command. For example, to set it to server authentication only, use AT+CSSLCFG="authmode",0,1.

Configure SSL Context:

Use the AT+CSSLCFG command to configure the SSL context. This includes setting the cipher suite, SSL version, and other parameters. Ensure that the settings match the requirements of the Azure service you are connecting to.

Establish PDP Context:

Before initiating the HTTPS connection, ensure that the PDP context is activated using the AT+CGACT command.

Date/Time Sync Issue:

Ensure that the date and time settings on your modem are correct. Incorrect date and time settings can cause SSL/TLS handshake errors. Use the AT+CCLK command to set the correct date and time.

Check for Typos in URL:

Double-check the URL you are using for the HTTPS connection to ensure there are no typos. Even a small typo can prevent the connection from being established.

Initiate HTTPS Connection:

Use the appropriate AT commands to initiate the HTTPS connection. For example, AT+CHTTPSSTART to start the HTTPS service and AT+CHTTPSOPSE to open the HTTPS session.

Example AT Command Sequence:

AT+CSSLCFG="sslversion",0,3
AT+CSSLCFG="authmode",0,1
AT+CCERTDOWN="cacert",0,"server_ca.pem"
AT+CCERTLIST
AT+CGACT=1,1
AT+CCLK="yy/MM/dd,hh:mm:ss"
AT+CHTTPSSTART
AT+CHTTPSOPSE="https://your-azure-endpoint",443

Found relevant thread for reference.

Update on 18th April 2025

The issue with Function App arised due to a change with TLS handshake logic to reject requests which do not meet the MinTlsVersion requirement. This change was done to improve telemetry on the portal end and save some CPU cycles for extra processing of the handshake. However, in doing so, inadvertently, there was an exposed bug in the framework we use to parse TLS handshakes related to SSLv3.0 Unified Client Hello. This change has been reverted and added extra regression testing to ensure we do not regress again.

Thank you.

Share via

Azure HTTPS connections from SIMCOM cellular modem stopped working

1 answer

Your answer