This is an automated archive.

The original was posted on /r/openssl by /u/BarberImmediate5554 on 2023-07-06 06:52:10+00:00.


This is the first time I am publishing data over MQTT with SSL/TLS, and I am stuck at this error when I enable SSL/TLS. Please help. (Using an ESP32.)

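#include <SPI.h>
#include <WiFi.h>
#include <SSLClient.h>
#include "certificates.h"
#include <PubSubClient.h>

// Network and broker settings (placeholders as posted).
const char* ssid = "blah blah";
const char* password = "blah blah";
const char* mqttBroker = "blah blah";
const char* mqttUsername = "blah blah";
const char* mqttPassword = "";

// Passed to the SSLClient constructor below as its analog entropy pin.
// NOTE(review): SSLClient seeds its RNG from analog reads of this pin, so it
// should be an ADC-capable pin left unconnected. GPIO5 is not an ADC input on
// the classic ESP32, and ADC2 pins are unavailable while WiFi is active --
// confirm the pin against the board's pinout.
int rand_pin = 5;

// Client certificate presented to the broker for mutual TLS (PEM).
const char my_cert[] =
    "-----BEGIN CERTIFICATE-----\n"
    "blah blah"
    "-----END CERTIFICATE-----";

// Private key matching my_cert (PEM).
// NOTE(review): a PEM private key is normally delimited by "PRIVATE KEY",
// "RSA PRIVATE KEY" or "EC PRIVATE KEY" markers, not "CERTIFICATE". The
// markers here may be a redaction artifact -- check the real file.
// A key compiled into the sketch is readable from flash unless flash
// encryption is enabled, and must never be posted or committed.
const char my_key[] =
    "-----BEGIN CERTIFICATE-----\n"
    "blah blah"
    "-----END CERTIFICATE-----";

// Transport stack: plain TCP socket -> TLS wrapper (validates the broker
// against the TAs array from certificates.h) -> MQTT client.
WiFiClient wifiClient;
SSLClient wifiClientSSL(wifiClient, TAs, (size_t)TAs_NUM, rand_pin);
PubSubClient client(wifiClientSSL);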

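/// PubSubClient message handler: echoes the topic and payload of every
/// incoming MQTT message to the serial console.
///
/// @param topic   Topic name; printed as a C string.
/// @param payload Message bytes. Only `length` bytes are read, so the buffer
///                does not need to be NUL-terminated.
/// @param length  Number of valid bytes in `payload`.
void callback(char* topic, byte* payload, unsigned int length) {
  Serial.print("Message arrived [");
  Serial.print(topic);
  Serial.print("] ");
  // The index is unsigned to match `length`; the original `int` index mixed
  // signed and unsigned operands in the loop condition.
  // The payload comes from the broker and is printed byte-for-byte, so the
  // console may receive non-printable characters.
  for (unsigned int i = 0; i < length; ++i) {
    Serial.print(static_cast<char>(payload[i]));
  }
  Serial.println();
}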

/// Blocks until the MQTT client reports a live connection, retrying every
/// five seconds and logging the PubSubClient state code after each failure.
///
/// When `client` is backed by the SSLClient transport, the TLS handshake
/// (including validation of the broker's certificate chain) happens inside
/// client.connect(). In PubSubClient, state -2 is MQTT_CONNECT_FAILED: the
/// network/TLS layer failed before any MQTT packet was exchanged.
void reconnect() {
  while (!client.connected()) {
    Serial.println("Connecting to MQTT server…");

    // NOTE(review): the client ID is fixed; brokers typically drop an existing
    // session when a second device connects with the same ID.
    const bool connected = client.connect("ESP32Client", mqttUsername, mqttPassword);
    if (connected) {
      Serial.println("Connected to MQTT server");
      continue;  // the loop condition re-checks client.connected()
    }

    Serial.print("Failed to connect to MQTT server, rc=");
    Serial.print(client.state());
    Serial.println(" Retrying in 5 seconds…");
    delay(5000);
  }
}

/// Arduino entry point: opens the serial console, joins the WiFi network and
/// configures the MQTT client for either the TLS or the plaintext port.
void setup() {
  Serial.begin(19200);
  delay(4000);

  // Poll once per second until the station is associated.
  WiFi.begin(ssid, password);
  while (WiFi.status() != WL_CONNECTED) {
    delay(1000);
    Serial.println("Connecting to WiFi…");
  }
  Serial.println("Connected to the WiFi network");

  // Compile-time style switch between MQTT over TLS (8883) and plain MQTT (1883).
  bool EnableSSL = true;
  if (!EnableSSL) {
    callMQTT();
    return;
  }
  callMQTTS();
}

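/// Configures the MQTT client for TLS with mutual authentication: loads the
/// client certificate and key from the PEM arrays, hands them to the TLS
/// wrapper, and points the MQTT client at port 8883.
void callMQTTS() {
  // `static` keeps the parsed certificate and key alive after this function
  // returns. The handshake runs later, from reconnect(), and SSLClient appears
  // to keep pointers into this object rather than copying it -- confirm
  // against the library version in use. A plain local would be destroyed
  // before the first connection attempt.
  static SSLClientParameters mTLS =
      SSLClientParameters::fromPEM(my_cert, sizeof my_cert, my_key, sizeof my_key);
  wifiClientSSL.setMutualAuthParams(mTLS);

  // Client authentication does not affect how the broker is validated: the
  // server's chain is still checked against the trust anchors given to the
  // SSLClient constructor.
  client.setServer(mqttBroker, 8883);
  client.setCallback(callback);
}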

/// Configures the MQTT client for the unencrypted port.
///
/// NOTE(review): `client` is constructed on top of wifiClientSSL, so this only
/// changes the port; it does not swap the transport to the plain WiFiClient.
/// On a genuinely plaintext link the MQTT username and password would cross
/// the network in the clear.
void callMQTT() {
  constexpr uint16_t kPlainMqttPort = 1883;
  client.setCallback(callback);
  client.setServer(mqttBroker, kPlainMqttPort);
}

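/// Publishes one reading as a small JSON object of the form {"<variable>": <value>}.
///
/// @param variable Key name placed in the JSON object. It is inserted as-is,
///                 without JSON escaping, so it must not contain quotes or
///                 backslashes.
/// @param value    Reading, formatted with two decimal places.
void publishToServer(const char* variable, float value) {
  char payload[50];

  // snprintf bounds the write to the buffer. The original sprintf could run
  // past 50 bytes with a long key or a large float ("%.2f" of a big value
  // expands to dozens of digits).
  const int written =
      snprintf(payload, sizeof payload, "{\"%s\": %.2f}", variable, value);
  if (written < 0 || static_cast<size_t>(written) >= sizeof payload) {
    // Truncated output would be invalid JSON, so drop the message instead.
    Serial.println("publishToServer: payload does not fit, skipping publish");
    return;
  }

  client.publish("blah blah", payload);
}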

/// Arduino main loop: re-establishes the MQTT session when needed, services
/// the client, then publishes a fixed test value every ten seconds.
void loop() {
  const bool sessionUp = client.connected();
  if (!sessionUp) {
    reconnect();  // blocks until connected
  }
  client.loop();

  // Constant placeholder reading used to exercise the publish path.
  float MQTTtest_var = 99999;
  publishToServer("mqttsTest_var", MQTTtest_var);

  Serial.print("Published data: mqttsTest_var = ");
  Serial.println(MQTTtest_var);

  delay(10000);
}

certificates.h:-

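#ifndef CERTIFICATES_H
#define CERTIFICATES_H

#ifdef __cplusplus
extern "C" {
#endif

// Number of entries in TAs[]; passed to the SSLClient constructor.
#define TAs_NUM 1

// Trust anchor 0: distinguished name bytes (redacted in the post).
static const unsigned char TA_DN0[] = {
    // blah blah
};

// Trust anchor 0: RSA public modulus (redacted in the post).
static const unsigned char TA_RSA_N0[] = {
    // blah blah
};

// Trust anchor 0: RSA public exponent (redacted in the post).
static const unsigned char TA_RSA_E0[] = {
    // blah blah
};

// Trust anchors the TLS client accepts as the root of the broker's chain.
// "Chain could not be linked to a trust anchor" means no certificate in the
// chain sent by the broker was issued by an entry in this array.
// NOTE(review): things to verify against the real data --
//   * the anchor is the CA that issued the broker's certificate, not the
//     client certificate or an unrelated root;
//   * TA_DN0 matches that CA's subject name exactly;
//   * the CA key really is RSA (an EC CA needs BR_KEYTYPE_EC and the
//     corresponding .ec initializer instead).
static const br_x509_trust_anchor TAs[] = {
    {
        { (unsigned char *)TA_DN0, sizeof TA_DN0 },
        BR_X509_TA_CA,
        {
            BR_KEYTYPE_RSA,
            { .rsa = {
                (unsigned char *)TA_RSA_N0, sizeof TA_RSA_N0,
                (unsigned char *)TA_RSA_E0, sizeof TA_RSA_E0,
            } }
        }
    },
};

#ifdef __cplusplus
}
#endif

#endif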

Serial Monitor:-

Connecting to WiFi… Connected to the WiFi network Connecting to MQTT server… (SSLClient)(SSL_WARN)(m_run_until): Terminating because the ssl engine closed (SSLClient)(SSL_ERROR)(m_start_ssl): Failed to initlalize the SSL layer (SSLClient)(SSL_ERROR)(m_print_br_error): Chain could not be linked to a trust anchor. See https://github.com/OPEnSLab-OSU/SSLClient/blob/master/TrustAnchors.md Failed to connect to MQTT server, rc=-2 Retrying in 5 seconds…