esp8266 / Arduino

ESP8266 core for Arduino
GNU Lesser General Public License v2.1

MQTT TLS #5640

Closed DaveCalaway closed 5 years ago

DaveCalaway commented 5 years ago

Hi everyone, I have a question about TLS and MQTT.

I would like to send a message from my ESP8266 to the Mosquitto Broker using MQTT + TLS.

Using this guide I understood:

Now I searched for an ESP8266 example, and I found some exercises with "BearSSL WiFi Classes".

This is my code:

#include <ESP8266WiFi.h>
#include <PubSubClient.h> // MQTT Client

WiFiClient espClient;
PubSubClient client(espClient);

const char ca_cert[] PROGMEM = R"EOF(
-----BEGIN CERTIFICATE-----
XXXXXXX.......XXXX
-----END CERTIFICATE-----
)EOF";

void setup() {
        Serial.begin(9600);

        // WIFI connection
        setup_wifi();

        // MQTT TLS
        Serial.println("TLS");
        BearSSL::WiFiClientSecure TLSclient;
        BearSSL::X509List cert(ca_cert);
        TLSclient.setTrustAnchors(&cert);
        TLSclient.connect(mqtt_rasp, 8883);
        while (!TLSclient.connected()) {
                delay(10);
        }

        // MQTT
        Serial.println("MQTT");
        client.setServer(mqtt_rasp, 8883);
        client.setCallback(callback);
}

void loop() {
        // Wait for MQTT client
        if (!client.connected()) {
                reconnect();
        }
        client.loop();

        if ( millis() - oldtime > refrash ) {
                oldtime = millis();
                bool msg = 1;
                // MQTT Public
                Serial.print("Publish message: ");
                client.publish("outTopic", msg); //publish (topic, payload) 
        }
}

The callback, setup_wifi, and the variables are set correctly.

The code doesn't get past the TLS check; can someone help me?

devyte commented 5 years ago

@DaveCalaway this is not the right place to request generic help. This is an issue tracker, meant to track issues in the core hosted in this repo. Off the top of my head, I suggest setting up a generic TLS server with your certificates and getting the ESP to connect to it. Then, once you fully understand how that works, continue on to MQTT. At a glance, you seem to be on the right track (you're setting up the wificlientsecure individually), but I can't tell if there's anything wrong. As a second suggestion, you might seek help from the MQTT lib author.

Closing due to 3rd party lib.

apanasara commented 5 years ago

@DaveCalaway : setclock so that certificate can be validated
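
The suggestion above, as an added example that is not code from this thread or from the ESP8266 core: the sketch waits for SNTP time before any TLS connection, because trust-anchor validation checks the certificate's validity dates against the system clock. It goes slightly beyond the comment by also declaring the TLS client globally and handing it to PubSubClient; the NTP server names, Wi-Fi credentials, broker name, client id, the 2019 threshold and the helper names `clockIsPlausible` and `syncClock` are assumptions.

```cpp
#include <time.h>
// Constructed threshold (2019-01-01 UTC): an unsynced ESP8266 clock starts near 1970.
static const time_t kMinPlausibleEpoch = 1546300800;

// True once the clock is late enough to check certificate validity dates.
bool clockIsPlausible(time_t now) { return now >= kMinPlausibleEpoch; }

#ifdef ARDUINO  // the sketch part only builds with the ESP8266 core
#include <ESP8266WiFi.h>
#include <PubSubClient.h>
const char* mqtt_rasp = "broker.example";  // constructed; must match the broker certificate
const char ca_cert[] PROGMEM = R"EOF(
-----BEGIN CERTIFICATE-----
(placeholder: PEM of the CA that signed the broker certificate)
-----END CERTIFICATE-----
)EOF";
BearSSL::X509List trustAnchors(ca_cert);  // global: must outlive the TLS client
BearSSL::WiFiClientSecure tlsClient;      // global: PubSubClient keeps a reference to it
PubSubClient client(tlsClient);           // MQTT traffic goes through the TLS client

// Start SNTP and wait (bounded) until the clock is usable for X.509 validation.
bool syncClock(unsigned long timeoutMs) {
  configTime(0, 0, "pool.ntp.org", "time.nist.gov");
  unsigned long start = millis();
  while (!clockIsPlausible(time(nullptr))) {
    if (millis() - start > timeoutMs) return false;
    delay(200);
  }
  return true;
}

void setup() {
  Serial.begin(9600);
  WiFi.begin("ssid", "password");  // constructed credentials
  while (WiFi.status() != WL_CONNECTED) delay(250);
  if (!syncClock(15000)) Serial.println("No NTP time: certificate validation will fail");
  tlsClient.setTrustAnchors(&trustAnchors);
  client.setServer(mqtt_rasp, 8883);
}

void loop() {
  if (!client.connected() && !client.connect("esp8266-client")) {  // constructed client id
    Serial.printf("MQTT/TLS connect failed, state=%d\n", client.state());
    delay(5000);  // back off instead of spinning on a failed handshake
    return;
  }
  client.loop();
}
#endif
```
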