<![CDATA[wolfSSL - Embedded SSL Library — ESP32-Arduino MQTT Lock up]]> https://www.wolfssl.com/forums/topic1527-esp32arduino-mqtt-lock-up.html Mon, 30 Mar 2020 13:46:04 +0000 PunBB <![CDATA[Re: ESP32-Arduino MQTT Lock up]]> https://www.wolfssl.com/forums/post5180.html#p5180 Hi rvogel,

Your code looks correct for loading a trusted CA. I would suggest its not locking up, but instead is taking a long time. Internally its doing an asymmetric verify operation. Are you able to see with a debugger where its "locking up". Have you confirmed you have enough stack/heap available? Is this an ECC or RSA certificate? Have you tried enabling debug logging? To do so define DEBUG_WOLFSSL and call wolfSSL_Debugging_ON();. If you want to redirect to printf instead of the default sprintf(stderr define `WOLFSSL_LOG_PRINTF`.

Thanks,
David Garske, wolfSSL

]]> Mon, 30 Mar 2020 13:46:04 +0000 https://www.wolfssl.com/forums/post5180.html#p5180 <![CDATA[ESP32-Arduino MQTT Lock up]]> https://www.wolfssl.com/forums/post5177.html#p5177 I have installed wolfSSL and wolfMQTT for the Arduino IDE. I've reworked the wolfMQTT example code for WiFi instead of Ethernet since I'm using an ESP32 dev board.

I have a cert that is already being used in a non-wolfSSL implementation and connects to a mosquitto broker. The cert is loaded into the code as:

const char* ca_cert = \
                      "-----BEGIN CERTIFICATE-----\n" \
                     --------cert code here-------------
                      "-----END CERTIFICATE-----\n";

How would I load the cert? This is what I'm trying and it locks up:

static int mqttclient_tls_cb(MqttClient* cli)
{
  int rc = WOLFSSL_FAILURE;

  cli->tls.ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
  
  if (cli->tls.ctx) {
    wolfSSL_CTX_set_verify(cli->tls.ctx, SSL_VERIFY_NONE, mqttclient_tls_verify_cb);

    /* default to success */
    rc = WOLFSSL_SUCCESS;

    /* Load CA certificate buffer */[b]<----************This is where it locks up!!**************[/b]
    rc = wolfSSL_CTX_load_verify_buffer(cli->tls.ctx,
                                        (const byte*)ca_cert, (long)XSTRLEN(ca_cert), WOLFSSL_FILETYPE_PEM);
  }

  PRINTF("MQTT TLS Setup (%d)", rc);

  return rc;
}
]]> Mon, 30 Mar 2020 04:17:50 +0000 https://www.wolfssl.com/forums/post5177.html#p5177