mqtt ssl example certificate error in esp idf

jaimits
Posts: 2
Joined: Mon Apr 12, 2021 9:28 am

mqtt ssl example certificate error in esp idf

Postby jaimits » Mon Apr 12, 2021 9:59 am

Hii;

I am facing issue to connect wifi mqtt with ssl. i already generated client certificate and key. when i try to run example code
(esp-idf\examples\protocols\mqtt\ssl)i get below error.


E (7204) esp-tls-mbedtls: mbedtls_x509_crt_parse returned -0x2180
E (7204) esp-tls-mbedtls: Failed to set client pki context
E (7204) esp-tls-mbedtls: Failed to set client configurations
E (7214) esp-tls: create_ssl_handle failed
E (7214) esp-tls: Failed to open new connection
E (7214) TRANS_SSL: Failed to open a new connection
E (7224) MQTT_CLIENT: Error transport connect
I (7234) MQTTS_EXAMPLE: MQTT_EVENT_ERROR
I (7234) MQTTS_EXAMPLE: MQTT_EVENT_DISCONNECTED

can someone guide me what i m doing wrong???

Zoptune
Posts: 18
Joined: Mon May 27, 2019 11:02 pm

Re: mqtt ssl example certificate error in esp idf

Postby Zoptune » Tue Apr 13, 2021 5:43 pm

Hi jaimits,

As described in the logs, the problem here comes from the certificate :

Code: Select all

 E (7204) esp-tls-mbedtls: mbedtls_x509_crt_parse returned -0x2180
First you are saying that you created both client key and certificate but the example you are using (examples\protocols\mqtt\ssl) is only for server authentication.
For mutual authentication use the example examples\protocols\mqtt\ssl_mutual_auth

Then make sure that the commands you are using to generate certificates and keys are correct.
To create a self-signed certificate with openssl it should be something like :

Code: Select all

openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout client.key -out client.crt
To avoid errors you really need to understand how mutual auth and more generally PKI works.

Who is online

Users browsing this forum: No registered users and 151 guests