peterhinch / micropython-mqtt

A 'resilient' asynchronous MQTT driver. Recovers from WiFi and broker outages.
MIT License

OpenSSL Error[0]: error:0A00010B:SSL routines::wrong version number #136

Closed Tico06 closed 3 months ago

Tico06 commented 3 months ago

Hi There,

I have set up a testing Mosquitto server, and am able to use umqtt.simple to connect to it with TLS auth.

Now I am testing mqtt_as with the same server, same configuration, same keys, and I have the following error in the Mosquitto logs:

2024-03-13T18:13:39: New connection from 192.168.0.14:57707 on port 8883.
2024-03-13T18:13:39: OpenSSL Error[0]: error:0A00010B:SSL routines::wrong version number
2024-03-13T18:13:39: Client <unknown> disconnected: Protocol error.

Both scripts run on the same ESP32-S2, thus the same firmware: MicroPython v1.23.0-preview.9.gdc2a4e3cb.dirty on 2024-03-05; LOLIN_S2_MINI with ESP32-S2FN4R2

The script with mqtt_as:

from mqtt_as import MQTTClient, config
import ussl as ssl
import asyncio

# Local configuration
config['ssid'] = 'xxxxxx'  # Optional on ESP8266
config['wifi_pw'] = 'yyyyyyy'
config['server'] = '192.168.0.22'  # Change to suit e.g. 'iot.eclipse.org'

# This uses the CA cert, along with a user key & cert
# TLS certs & keys need to be in DER format on the Pico W

# Each 'with' block closes its file on exit, so no explicit close() is needed.
with open('/certs/ca-cert.der', 'rb') as f:
    ca_data = f.read()
print('Read CA Certificate... OK')

with open('/certs/client-crt.der', 'rb') as f:
    user_cert = f.read()
print('Read User Certificate... OK')

with open('/certs/client-key.der', 'rb') as f:
    user_key = f.read()
print('Read User Key... OK')

#  This is the magic from @peterhinch and @Carglglz 
#  which fixes the 'TypeError: extra keyword arguments' problems. 
#  NOTE: 'do_handshake' needs DH dhparamfile on the server
config['port'] = 8883
config['ssl_params'] = {'key': user_key,
                        'cert': user_cert,
                        'cadata': ca_data,
                        'server_hostname': '192.168.0.22',
                        'server_side': False,
                        'cert_reqs': ssl.CERT_REQUIRED,
                        'do_handshake': True}

async def messages(client):  # Respond to incoming messages
    async for topic, msg, retained in client.queue:
        print((topic, msg, retained))

async def up(client):  # Respond to connectivity being (re)established
    while True:
        await client.up.wait()  # Wait on an Event
        client.up.clear()
        await client.subscribe('foo_topic', 1)  # renew subscriptions

async def main(client):
    await client.connect()
    for coroutine in (up, messages):
        asyncio.create_task(coroutine(client))
    n = 0
    while True:
        await asyncio.sleep(5)
        print('publish', n)
        # If WiFi is down the following will pause for the duration.
        await client.publish('result', '{}'.format(n), qos=1)
        n += 1

config["queue_len"] = 1  # Use event interface with default queue size
MQTTClient.DEBUG = True  # Optional: print diagnostic messages
client = MQTTClient(config)
try:
    asyncio.run(main(client))
finally:
    client.close()  # Prevent LmacRxBlk:1 errors

I have no clue where to look.

Thanks and reg

Eric.

Tico06 commented 3 months ago

Replying to myself....

config['ssl'] = True

was missing in my script.
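
The failure mode in this thread, as an added example that is not part of the original issue or of mqtt_as: a config check for TLS settings that are present while `config['ssl']` is off, plus a classifier showing what a TLS listener sees when a client opens with a plaintext MQTT CONNECT. It assumes that without `config['ssl'] = True` the client speaks plaintext MQTT to the TLS port; the function names and sample values are constructed.

```python
# Added example; function names and sample values are constructed, not from mqtt_as.

def check_tls_config(cfg):
    """Findings for an mqtt_as-style config dict where TLS looks intended but is off."""
    tls_on = cfg.get('ssl') is True
    findings = []
    if cfg.get('ssl_params') and not tls_on:
        findings.append("ssl_params is set but config['ssl'] is not True")
    if cfg.get('port') == 8883 and not tls_on:
        findings.append("port 8883 expects TLS but config['ssl'] is not True")
    return findings


def mqtt_connect(client_id):
    """Minimal MQTT 3.1.1 CONNECT packet: clean session, 60 s keepalive."""
    cid = client_id.encode()
    body = b'\x00\x04MQTT\x04\x02\x00\x3c' + len(cid).to_bytes(2, 'big') + cid
    if len(body) > 127:
        raise ValueError('client id too long for a one-byte remaining length')
    return bytes([0x10, len(body)]) + body


def classify_first_bytes(data):
    """Classify the first bytes a TLS listener received from a client."""
    if len(data) >= 3 and data[0] == 0x16 and data[1] == 0x03:
        return 'tls-handshake'  # TLS record header: type 22, version 3.x
    if data[:1] == b'\x10':  # MQTT CONNECT fixed header
        i = 1
        while i < min(len(data), 5) and data[i] & 0x80:  # skip length varint
            i += 1
        if data[i + 1:i + 7] == b'\x00\x04MQTT':
            return 'plaintext-mqtt-connect'
    return 'unknown'


# Constructed samples: settings like the issue's, without and with the 'ssl' key.
BAD = {'port': 8883,
       'ssl_params': {'server_hostname': '192.168.0.22', 'do_handshake': True}}
GOOD = dict(BAD, ssl=True)
TLS_HELLO_START = b'\x16\x03\x01\x02\x00\x01'  # constructed TLS record header

if __name__ == '__main__':
    for name, cfg in (('BAD', BAD), ('GOOD', GOOD)):
        print(name, check_tls_config(cfg) or 'ok')
    pkt = mqtt_connect('esp32-test')
    # Bytes 1-2 sit where a TLS record carries its version (0x03 0x0X).
    print(classify_first_bytes(pkt), pkt[:3].hex())
    print(classify_first_bytes(TLS_HELLO_START))
```
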