TLS connection error:0/i replace GlobalSign root CA,but cant connect

excxapp commented 4 years ago

PROBLEM DESCRIPTION

A clear and concise description of what the problem is. 1.I change file tasmota_ca.ino and add GlobalSign root CA program

and add

// tlsClient->setTrustAnchor(&GlobalSignTAs);
// tlsClient->setTrustAnchor(&LetsEncryptX3CrossSigned_TA);
tlsClient->setTrustAnchor(&GlobalSignTAs);

but when connect to mqttserver ,i receice error: TLS connection error: 0

REQUESTED INFORMATION

Make sure your have performed every step and checked the applicable boxes before submitting your issue. Thank you!

[ ] Read the Contributing Guide and Policy and the Code of Conduct
[ ] Searched the problem in issues
[ ] Searched the problem in the docs
[ ] Searched the problem in the forum
[ ] Searched the problem in the chat
[x ] Device used (e.g., Sonoff Basic): Sonoff Basic
[x ] Tasmota binary firmware version number used: _____
- [ ] Pre-compiled
- [ ] Self-compiled
- [x] IDE / Compiler used: gitpod
[x ] Flashing tools used: ota
[ ] Provide the output of command: Backlog Template; Module; GPIO 255:
```
Configuration output here:
```

- [ ] If using rules, provide the output of this command: `Backlog Rule1; Rule2; Rule3`:

Rules output here:

- [ ] Provide the output of this command: `Status 0`:

STATUS 0 output here:

- [x ] Provide the output of the Console log output when you experience your issue; if applicable:
  _(Please use_ `weblog 4` _for more debug information)_

Console output here: 07:26:34 MQT: TLS connection error: 0 07:26:34 MQT: 连接失败:xxxxxxxx.com:1884, rc 5. 重试倒计时: 10 秒



### TO REPRODUCE
_Steps to reproduce the behavior:_
can see my commit https://github.com/excxapp/Tasmota/commit/9a4ccb0f7190d0218f0e307b6edcddb9ace904b7

### EXPECTED BEHAVIOUR
_A clear and concise description of what you expected to happen._

### SCREENSHOTS
_If applicable, add screenshots to help explain your problem._

### ADDITIONAL CONTEXT
_Add any other context about the problem here._

**(Please, remember to close the issue when the problem has been addressed)**

excxapp commented 4 years ago

ca code


static const unsigned char PROGMEM TA0_DN[] = {
        0x30, 0x4C, 0x31, 0x20, 0x30, 0x1E, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13,
        0x17, 0x47, 0x6C, 0x6F, 0x62, 0x61, 0x6C, 0x53, 0x69, 0x67, 0x6E, 0x20,
        0x52, 0x6F, 0x6F, 0x74, 0x20, 0x43, 0x41, 0x20, 0x2D, 0x20, 0x52, 0x33,
        0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x0A, 0x47,
        0x6C, 0x6F, 0x62, 0x61, 0x6C, 0x53, 0x69, 0x67, 0x6E, 0x31, 0x13, 0x30,
        0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x0A, 0x47, 0x6C, 0x6F, 0x62,
        0x61, 0x6C, 0x53, 0x69, 0x67, 0x6E
};

static const unsigned char PROGMEM TA0_RSA_N[] = {
        0xCC, 0x25, 0x76, 0x90, 0x79, 0x06, 0x78, 0x22, 0x16, 0xF5, 0xC0, 0x83,
        0xB6, 0x84, 0xCA, 0x28, 0x9E, 0xFD, 0x05, 0x76, 0x11, 0xC5, 0xAD, 0x88,
        0x72, 0xFC, 0x46, 0x02, 0x43, 0xC7, 0xB2, 0x8A, 0x9D, 0x04, 0x5F, 0x24,
        0xCB, 0x2E, 0x4B, 0xE1, 0x60, 0x82, 0x46, 0xE1, 0x52, 0xAB, 0x0C, 0x81,
        0x47, 0x70, 0x6C, 0xDD, 0x64, 0xD1, 0xEB, 0xF5, 0x2C, 0xA3, 0x0F, 0x82,
        0x3D, 0x0C, 0x2B, 0xAE, 0x97, 0xD7, 0xB6, 0x14, 0x86, 0x10, 0x79, 0xBB,
        0x3B, 0x13, 0x80, 0x77, 0x8C, 0x08, 0xE1, 0x49, 0xD2, 0x6A, 0x62, 0x2F,
        0x1F, 0x5E, 0xFA, 0x96, 0x68, 0xDF, 0x89, 0x27, 0x95, 0x38, 0x9F, 0x06,
        0xD7, 0x3E, 0xC9, 0xCB, 0x26, 0x59, 0x0D, 0x73, 0xDE, 0xB0, 0xC8, 0xE9,
        0x26, 0x0E, 0x83, 0x15, 0xC6, 0xEF, 0x5B, 0x8B, 0xD2, 0x04, 0x60, 0xCA,
        0x49, 0xA6, 0x28, 0xF6, 0x69, 0x3B, 0xF6, 0xCB, 0xC8, 0x28, 0x91, 0xE5,
        0x9D, 0x8A, 0x61, 0x57, 0x37, 0xAC, 0x74, 0x14, 0xDC, 0x74, 0xE0, 0x3A,
        0xEE, 0x72, 0x2F, 0x2E, 0x9C, 0xFB, 0xD0, 0xBB, 0xBF, 0xF5, 0x3D, 0x00,
        0xE1, 0x06, 0x33, 0xE8, 0x82, 0x2B, 0xAE, 0x53, 0xA6, 0x3A, 0x16, 0x73,
        0x8C, 0xDD, 0x41, 0x0E, 0x20, 0x3A, 0xC0, 0xB4, 0xA7, 0xA1, 0xE9, 0xB2,
        0x4F, 0x90, 0x2E, 0x32, 0x60, 0xE9, 0x57, 0xCB, 0xB9, 0x04, 0x92, 0x68,
        0x68, 0xE5, 0x38, 0x26, 0x60, 0x75, 0xB2, 0x9F, 0x77, 0xFF, 0x91, 0x14,
        0xEF, 0xAE, 0x20, 0x49, 0xFC, 0xAD, 0x40, 0x15, 0x48, 0xD1, 0x02, 0x31,
        0x61, 0x19, 0x5E, 0xB8, 0x97, 0xEF, 0xAD, 0x77, 0xB7, 0x64, 0x9A, 0x7A,
        0xBF, 0x5F, 0xC1, 0x13, 0xEF, 0x9B, 0x62, 0xFB, 0x0D, 0x6C, 0xE0, 0x54,
        0x69, 0x16, 0xA9, 0x03, 0xDA, 0x6E, 0xE9, 0x83, 0x93, 0x71, 0x76, 0xC6,
        0x69, 0x85, 0x82, 0x17
};

static const unsigned char PROGMEM TA0_RSA_E[] = {
        0x01, 0x00, 0x01
};

static const br_x509_trust_anchor PROGMEM GlobalSignTAs = {

                { (unsigned char *)TA0_DN, sizeof TA0_DN },
                BR_X509_TA_CA,
                {
                        BR_KEYTYPE_RSA,
                        { .rsa = {
                                (unsigned char *)TA0_RSA_N, sizeof TA0_RSA_N,
                                (unsigned char *)TA0_RSA_E, sizeof TA0_RSA_E,
                        } }
                }

};
#define TAs_NUM   1

ascillato commented 4 years ago

Please, could you be so kind on completing the troubleshooting template in order to have more information so as to properly help you?

Remember to read the Contributing Guideline and Policy. Thanks.

Support Information (Guide)

See Wiki for more information. See Chat for more user experience. See Community for forum. See Code of Conduct

excxapp commented 4 years ago

Information

i change this tls code, and add root ca, and complete it in front msg

s-hadinger commented 4 years ago

From your logs, TLS connection error: 0 means the TLS connection went ok. rc:5 means MQTT_CONNECT_UNAUTHORIZED. The MQTT refused the connection, maybe due to incorrect user/password.

excxapp commented 4 years ago

ok, solute,i re complie,and if port is 1883 case tls, and ok

arendst / Tasmota