Open colin-infersens opened 3 years ago
I use MQTTS with mosquitto and have it configured with a user and password for each device. I set the mqtt config dict as shown in https://github.com/tve/mqboard/blob/master/board/board_config_tmpl.py#L26-L33 except that I also add a "port": 4883
'cause that's what my broker listens to. Does this help?
Edit: I do use let's encrypt with a DNS verification to issue a public cert to my broker even though it's on a private network.
Thanks for the speedy response, Thorsten.
I had seen your board_config template example before, thank you, but I was interested in using client key and certificate .pem files, rather than username/pwd access; apologies, I should have made my original question a bit clearer!
Thanks again,
Colin
I have to admit that I have not used key/cert...
The ssl_params dict gets passed pretty much straight through to modssl.wrap_socket
converted into keyword args: https://github.com/tve/micropython/blob/tve-1.13/extmod/uasyncio/stream.py#L101-L117
So according to the docs you need something like ssl_params={"keyfile":"filename1","certfile":"filename2"}
...
But would you be surprised that that's not the implementation on the esp32? ... It seems to expect ssl_params={"key":"the key","cert":"the cert"}
. The values should be strings and are fed into mbedtls_pk_parse_key
and mbedtls_x509_crt_parse
. I'm pretty sure this test works: https://github.com/tve/micropython/blob/tve-1.13/tests/multi_net/ssl_data.py
Hope this helps ;-)
That's so helpful, Thorsten, thank you. I'll try that now and let you know how I get on. Many thanks, Colin
Great progress! Yes, need to add the options and send the info to the broker.
Hi Thorsten,
A bit of an update; I added @click.option
s for --user
and --pwd
in mqboard.py, then modified engine.py at line 31 to include:
if user and pwd:
self._mqclient.username_pw_set(user, pwd)
...and it seems to be working fine.
Thanks again for your help.
Kind regards,
Colin
Hi Thorsten,
I'm loving your work - this is an excellent model for remote communication and management of IoT devices - thanks.
I'd be really grateful if you could provide an example of ssl_params that would be required to enable me to use mqboard with an MQTT broker using TLS, please.
Many thanks,
Colin