Welcome to the wolfSSL Forums!

bubshowlett · 2021-03-02 01:13:57

bubshowlett
Member
Offline

Registered: 2021-02-15
Posts: 1

Topic: Wolf MQTT Harmony 3 and SSL

Hi,

I'm having issues with the Harmony 3 MQTT demo using the PIC32MZ EF Starter Kit and getting SSL to work.

Using port 1883 everything works correctly and I can connect to the broker, however when I change to port 8883 the connection fails as follows,

MQTT pub/sub demo has been started
MQTT Task - Client Start: QoS 0, broker mqtt.eclipseprojects.io
MQTT Task - run message: WMQTT_NETGlue_Initialize, res: 0
MQTT Task - run message: MqttClient_Init, res: 0
MQTT Task - run message: MqttClient_SetDisconnectCallback, res: 0
WMQTT_NET_GLUE Info: Started Connect
WMQTT_NET_GLUE Info: Connected Successfully
WMQTT_NET_GLUE Info: Start TLS
WMQTT_NET_GLUE Error: TLS Negotiation, occurred in func: WMQTT_NETGlue_Connect, line: 328,
MQTT Task - run message: MqttClient_NetConnect, res: -6
MQTT Task - MQTT cycle Failed in state: 6, error code: -6!

I think the demo is running correctly but the certs are wrong for the broker, I have a local mosquitto broker I can use with working certs, however I'm unsure how to convert the X509 format into DER and then to the byte arrays used within the demo.

Do you have a best practice / guide to converting from x509 to a DER byte array?

I noticed in the GIT repo the broker has been updated, but I didn't see the certs being changed, does the harmony 3 demo work with SSL to the eclipseprojects.io broker?

Thanks
Shaun

embhorn · 2021-03-02 13:10:33

embhorn
Moderator
Offline

From: Mobile, AL
Registered: 2013-12-11
Posts: 298

Re: Wolf MQTT Harmony 3 and SSL

Hi Shaun,

The linux wolfMQTT client does connect to mqtt.eclipseprojects.io using TLS with the default certs / config.

eric@ubuntu:~/repos/wolfMQTT$ ./examples/mqttclient/mqttclient -h mqtt.eclipseprojects.io -t
MQTT Client: QoS 0, Use TLS 1
MQTT Net Init: Success (0)
MQTT Init: Success (0)
NetConnect: Host mqtt.eclipseprojects.io, Port 8883, Timeout 5000 ms, Use TLS 1
MQTT TLS Setup (1)
MQTT TLS Verify Callback for mqttclient: PreVerify 0, Error -188 (ASN no signer error to confirm failure)
  Subject's domain name is R3
  Allowing cert anyways
MQTT TLS Verify Callback for mqttclient: PreVerify 1, Error 0 (none)
  Subject's domain name is mqtt.eclipseprojects.io
MQTT Socket Connect: Success (0)
MQTT Connect: Proto (v3.1.1), Success (0)
MQTT Connect Ack: Return Code 0, Session Present 0
MQTT Subscribe: Success (0)
  Topic wolfMQTT/example/testTopic, Qos 0, Return Code 0
MQTT Publish: Topic wolfMQTT/example/testTopic, Success (0)
MQTT Waiting for message...
MQTT Message: Topic wolfMQTT/example/testTopic, Qos 0, Len 4
Payload (0 - 4): test
MQTT Message: Done
^CReceived SIGINT
Network Error Callback: Error (Network) (error -8)
MQTT Exiting...
MQTT Unsubscribe: Success (0)
MQTT Disconnect: Success (0)
MQTT Socket Disconnect: Success (0)

Did you try forcing TLS?

Thanks,
Eric @ wolfSSL Support

Welcome to the wolfSSL Forums!

Wolf MQTT Harmony 3 and SSL

Posts: 2

1 Topic by bubshowlett 2021-03-02 01:13:57

Topic: Wolf MQTT Harmony 3 and SSL

2 Reply by embhorn 2021-03-02 13:10:33

Re: Wolf MQTT Harmony 3 and SSL

Posts: 2