Closed ThetaGamma closed 7 months ago
We have tree possible cases:
Solutions:
[ ] enable TLS
and set insecure only for empty cert with enabled TLSTLS root certificate (leave blank to disable TLS, enter 'insecure' for insecure TLS connection)
, and remove the port-dependent setting to insecure.@proddy What do you prefere?
tested 3.6.5-dev.3 and problem is fixed. Great Job - Thanks!
PROBLEM DESCRIPTION
I want to use MQTT but not TLS and port 31883. According to https://github.com/emsesp/EMS-ESP32/blob/e00eb8e64f1926a6eda8075c34afd8cca38a37d6/lib/framework/MqttSettingsService.cpp#L380-L382 a empty cert and port > 8800 should make a insecure MQTT connection. tcpdump on the MQTT Server (Mosquito 1.6.3) shows Ems-esp makes a TLS connection .
REQUESTED INFORMATION
TO REPRODUCE
EXPECTED BEHAVIOUR
Non-TLS connection opened
ADDITIONAL CONTEXT
discussed on EMS-ESP Discord Channel MQTT
Summary: Looking into MqttSettingsService.cpp My gut feeling is that it's related to the fact setting _state.rootCA to the string "insecure" (and not an real empty string) and testing e.g. in line 60 for _state.rootCA.length() > 0 to enable TLS
Digging deeper into the code of MqttSettingsService.cpp: In case I understand the function MqttSettingsService::configureMqtt correct, a "secure MQTT connection" is made, if (_state.rootCA.length() > 0) - which is always true if it's set to the string "insecure"