DII
DevHeads IoT Integration Server4w ago
Boss lady

Establish a secure MQTT connection to a broker using TLS on an ESP32

@Middleware & OS Hello everyone, I have a code that I'm trying to use to establish a secure MQTT connection to a broker using TLS on an ESP32. However, I keep getting an undefined error when calling espClient.setCACert(test_root_ca). In order to fix this error, I need to generate a CA certificate using 
openssl req -new -x509 -days 3650 -key ca.key -out ca.crt
openssl req -new -x509 -days 3650 -key ca.key -out ca.crt
and replace "YOUR_CA_CERTIFICATE_HERE" with the generated certificate. Can anyone help me with this issue? Thank you. Here's the code I'm using: 
#include <WiFi.h>
#include <WiFiClientSecure.h>

const char* ssid = "your_SSID";
const char* password = "your_PASSWORD";
const char* mqtt_server = "broker.hivemq.com";

WiFiClientSecure espClient;
PubSubClient client(espClient);

void setup() {
  Serial.begin(115200);
  WiFi.begin(ssid, password);
  while (WiFi.status() != WL_CONNECTED) {
    delay(1000);
    Serial.println("Connecting to WiFi...");
  }
  espClient.setCACert(test_root_ca);
  client.setServer(mqtt_server, 8883);
  client.setCallback(callback);
}

void callback(char* topic, byte* message, unsigned int length) {
  Serial.print("Message arrived on topic: ");
  Serial.print(topic);
  Serial.print(". Message: ");
  String messageTemp;
  for (int i = 0; i < length; i++) {
    messageTemp += (char)message[i];
  }
  Serial.println(messageTemp);
}

void loop() {
  if (!client.connected()) {
    reconnect();
  }
  client.loop();
}

void reconnect() {
  while (!client.connected()) {
    Serial.print("Attempting MQTT connection...");
    if (client.connect("ESP32Client")) {
      Serial.println("connected");
      client.subscribe("test/topic");
    } else {
      Serial.print("failed, rc=");
      Serial.print(client.state());
      Serial.println(" try again in 5 seconds");
      delay(5000);
    }
  }
}

static const char test_root_ca[] PROGMEM = R"EOF(
-----BEGIN CERTIFICATE-----
YOUR_CA_CERTIFICATE_HERE
-----END CERTIFICATE-----
)EOF";
#include <WiFi.h>
#include <WiFiClientSecure.h>

const char* ssid = "your_SSID";
const char* password = "your_PASSWORD";
const char* mqtt_server = "broker.hivemq.com";

WiFiClientSecure espClient;
PubSubClient client(espClient);

void setup() {
  Serial.begin(115200);
  WiFi.begin(ssid, password);
  while (WiFi.status() != WL_CONNECTED) {
    delay(1000);
    Serial.println("Connecting to WiFi...");
  }
  espClient.setCACert(test_root_ca);
  client.setServer(mqtt_server, 8883);
  client.setCallback(callback);
}

void callback(char* topic, byte* message, unsigned int length) {
  Serial.print("Message arrived on topic: ");
  Serial.print(topic);
  Serial.print(". Message: ");
  String messageTemp;
  for (int i = 0; i < length; i++) {
    messageTemp += (char)message[i];
  }
  Serial.println(messageTemp);
}

void loop() {
  if (!client.connected()) {
    reconnect();
  }
  client.loop();
}

void reconnect() {
  while (!client.connected()) {
    Serial.print("Attempting MQTT connection...");
    if (client.connect("ESP32Client")) {
      Serial.println("connected");
      client.subscribe("test/topic");
    } else {
      Serial.print("failed, rc=");
      Serial.print(client.state());
      Serial.println(" try again in 5 seconds");
      delay(5000);
    }
  }
}

static const char test_root_ca[] PROGMEM = R"EOF(
-----BEGIN CERTIFICATE-----
YOUR_CA_CERTIFICATE_HERE
-----END CERTIFICATE-----
)EOF";
Solution:
@Boss lady your code looks correct to me and should run perfectly well without any issues once all required parameters are field, just in case this is what it looked like once I tried it out ```cpp #include <WiFi.h> #include <WiFiClientSecure.h> ...
Jump to solution
1 Reply
Solution
Enthernet Code
Enthernet Code4w ago
@Boss lady your code looks correct to me and should run perfectly well without any issues once all required parameters are field, just in case this is what it looked like once I tried it out 
#include <WiFi.h>
#include <WiFiClientSecure.h>

const char* ssid = "your_SSID";
const char* password = "your_PASSWORD";
const char* mqtt_server = "broker.hivemq.com";

WiFiClientSecure espClient;
PubSubClient client(espClient);

void setup() {
  Serial.begin(115200);
  WiFi.begin(ssid, password);
  while (WiFi.status() != WL_CONNECTED) {
    delay(1000);
    Serial.println("Connecting to WiFi...");
  }
  espClient.setCACert(test_root_ca);
  client.setServer(mqtt_server, 8883);
  client.setCallback(callback);
}

void callback(char* topic, byte* message, unsigned int length) {
  Serial.print("Message arrived on topic: ");
  Serial.print(topic);
  Serial.print(". Message: ");
  String messageTemp;
  for (int i = 0; i < length; i++) {
    messageTemp += (char)message[i];
  }
  Serial.println(messageTemp);
}

void loop() {
  if (!client.connected()) {
    reconnect();
  }
  client.loop();
}

void reconnect() {
  while (!client.connected()) {
    Serial.print("Attempting MQTT connection...");
    if (client.connect("ESP32Client")) {
      Serial.println("connected");
      client.subscribe("test/topic");
    } else {
      Serial.print("failed, rc=");
      Serial.print(client.state());
      Serial.println(" try again in 5 seconds");
      delay(5000);
    }
  }
}

static const char test_root_ca[] PROGMEM = R"EOF(
-----BEGIN CERTIFICATE-----
MIIDXTCCAkWgAwIBAgIJAK5tdeuXKHVWMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV
...
U9uHgT3UtNymf6O9Dp+u3e5VzXk=
-----END CERTIFICATE-----
)EOF";
#include <WiFi.h>
#include <WiFiClientSecure.h>

const char* ssid = "your_SSID";
const char* password = "your_PASSWORD";
const char* mqtt_server = "broker.hivemq.com";

WiFiClientSecure espClient;
PubSubClient client(espClient);

void setup() {
  Serial.begin(115200);
  WiFi.begin(ssid, password);
  while (WiFi.status() != WL_CONNECTED) {
    delay(1000);
    Serial.println("Connecting to WiFi...");
  }
  espClient.setCACert(test_root_ca);
  client.setServer(mqtt_server, 8883);
  client.setCallback(callback);
}

void callback(char* topic, byte* message, unsigned int length) {
  Serial.print("Message arrived on topic: ");
  Serial.print(topic);
  Serial.print(". Message: ");
  String messageTemp;
  for (int i = 0; i < length; i++) {
    messageTemp += (char)message[i];
  }
  Serial.println(messageTemp);
}

void loop() {
  if (!client.connected()) {
    reconnect();
  }
  client.loop();
}

void reconnect() {
  while (!client.connected()) {
    Serial.print("Attempting MQTT connection...");
    if (client.connect("ESP32Client")) {
      Serial.println("connected");
      client.subscribe("test/topic");
    } else {
      Serial.print("failed, rc=");
      Serial.print(client.state());
      Serial.println(" try again in 5 seconds");
      delay(5000);
    }
  }
}

static const char test_root_ca[] PROGMEM = R"EOF(
-----BEGIN CERTIFICATE-----
MIIDXTCCAkWgAwIBAgIJAK5tdeuXKHVWMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV
...
U9uHgT3UtNymf6O9Dp+u3e5VzXk=
-----END CERTIFICATE-----
)EOF";
Want results from more Discord servers?
Add your server
More Posts
utilize a microcontroller's GPIO pins to control peripheral devices in an IoT embedded software in CHello guys how can i utilize a microcontroller's GPIO pins to control peripheral devices in an IoT eManaging Relay Sequences with Non-Blocking Delays on Arduino LeonardoHello everyone 👋🏻, I have a small issue. I programmed some Leonardo boards to execute relay sequenWhy Certain Untracked Folders Are Not Stashed with git stash -u?Good day everyone, please I used git stash -u to stash changes. While some untracked files were stashow do I use AWS IoT Core to send telemetry data from an edge device@Middleware & OS Hey guys how do I use AWS IoT Core to send telemetry data from an edge device usinEnsuring Synchronization and Reliability of Custom Device Logs with AWS IoT CloudHey guys @IoT Cloud I need to ensure custom device logs, like ambient temperature data sent every 3 Looking for some help with getting Clock output on MCO1 (PA8) from LSELooking for some help with getting Clock output on MCO1 (PA8) from LSE here's a snippet of what I am