search

sroebert / mqtt-nio

Non-blocking, event-driven Swift client for MQTT (3.1.1 and 5.0).
MIT License
53 stars 13 forks source link

Unit Test For testTransportServicesTLS #22

Open Paintjed opened 9 months ago

Paintjed commented 9 months ago

Hi, I'm trying to introduce SSL/TLS with MQTT. Initially, I followed the README and ran the MQTT broker with Docker. Then I ran this "testTransportServicesTLS" case. However, I encountered the following error logs:

Test Case '-[MQTTNIOTests.ConnectTests testTransportServicesTLS]' started. 2023-12-07T18:06:07+0800 notice nl.roebert.MQTTNIO : target=host("localhost", port: 8883) [MQTTNIO] Connecting to broker 2023-12-07T18:06:07+0800 error nl.roebert.MQTTNIO : error=Error Domain=NSOSStatusErrorDomain Code=-67604 "“CA” certificate is not standards compliant" UserInfo={NSLocalizedDescription=“CA” certificate is not standards compliant, NSUnderlyingError=0x600000c71230 {Error Domain=NSOSStatusErrorDomain Code=-67604 "Certificate 1 “CA” has errors: Basic constraints are required but missing;" UserInfo={NSLocalizedDescription=Certificate 1 “CA” has errors: Basic constraints are required but missing;}}} [MQTTNIO] Certificate validation failed 2023-12-07 18:06:07.148248+0800 xctest[40061:1061651] [boringssl] boringssl_context_handle_fatal_alert(2072) [C1.1.1:1][0x106009f80] write alert, level: fatal, description: certificate unknown 2023-12-07 18:06:07.148445+0800 xctest[40061:1061651] [boringssl] boringssl_context_error_print(2062) [C1.1.1:1][0x106009f80] Error: 4338045232:error:1000007d:SSL routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED:/Library/Caches/com.apple.xbs/Sources/boringssl_Sim/ssl/handshake.cc:419: 2023-12-07 18:06:07.148860+0800 xctest[40061:1061651] [boringssl] boringssl_session_handshake_incomplete(210) [C1.1.1:1][0x106009f80] SSL library error 2023-12-07 18:06:07.148980+0800 xctest[40061:1061651] [boringssl] boringssl_session_handshake_error_print(44) [C1.1.1:1][0x106009f80] Error: 4338045232:error:1000007d:SSL routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED:/Library/Caches/com.apple.xbs/Sources/boringssl_Sim/ssl/handshake.cc:419: 2023-12-07 18:06:07.149162+0800 xctest[40061:1061651] [boringssl] nw_protocol_boringssl_handshake_negotiate_proceed(779) [C1.1.1:1][0x106009f80] handshake failed at state 12288: not completed

Are there any steps that I might have missed?

sroebert commented 2 months ago

Did you generate the certificates? The README could probably be better, but it does state: "first generate self signed certificates"

You can use the generate.sh script for this.