Topic: ESP32-Arduino MQTT Lock up

I have installed wolfSSL and wolfMQTT for the Arduino IDE. I've reworked the wolfMQTT example code for WiFi instead of Ethernet since I'm using an ESP32 dev board.

I have a cert that is already being used in a non-wolfSSL implementation and connects to a mosquitto broker. The cert is loaded into the code as:

const char* ca_cert = \
                      "-----BEGIN CERTIFICATE-----\n" \
                     --------cert code here-------------
                      "-----END CERTIFICATE-----\n";

How would I load the cert? This is what I'm trying and it locks up:

static int mqttclient_tls_cb(MqttClient* cli)

  cli->tls.ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
  if (cli->tls.ctx) {
    wolfSSL_CTX_set_verify(cli->tls.ctx, SSL_VERIFY_NONE, mqttclient_tls_verify_cb);

    /* default to success */

    /* Load CA certificate buffer */[b]<----************This is where it locks up!!**************[/b]
    rc = wolfSSL_CTX_load_verify_buffer(cli->tls.ctx,
                                        (const byte*)ca_cert, (long)XSTRLEN(ca_cert), WOLFSSL_FILETYPE_PEM);

  PRINTF("MQTT TLS Setup (%d)", rc);

  return rc;


Re: ESP32-Arduino MQTT Lock up

Hi rvogel,

Your code looks correct for loading a trusted CA. I would suggest its not locking up, but instead is taking a long time. Internally its doing an asymmetric verify operation. Are you able to see with a debugger where its "locking up". Have you confirmed you have enough stack/heap available? Is this an ECC or RSA certificate? Have you tried enabling debug logging? To do so define DEBUG_WOLFSSL and call wolfSSL_Debugging_ON();. If you want to redirect to printf instead of the default sprintf(stderr define `WOLFSSL_LOG_PRINTF`.

David Garske, wolfSSL