How to use MQTT with SSL/TLS without using a certificate

henrique2512
Posts: 1
Joined: Tue Jan 26, 2021 6:05 pm

How to use MQTT with SSL/TLS without using a certificate

Postby henrique2512 » Tue Jan 26, 2021 6:41 pm

My company uses an MQTT server for internal tests that uses SSL without certificates, so in order to connect to it I would need to configure my ESP to do the same. I tested on the Arduino IDE and I can connect to my company's server using the library WiFiClientSecure.h, but I'm starting a new project and want to implement that on ESP-IDF.
I already tested MQTT on ESP-IDF without SSL/TLS on shiftr.io/try using the simplest implementation I could, and it's working just fine. After that I changed to my company's server info, and the code looks like this:

Code:

    esp_mqtt_client_config_t mqtt_cfg = {0};
    mqtt_cfg.host = "xxxxx";
    mqtt_cfg.port = 8883;
    mqtt_cfg.username = "xxxx";
    mqtt_cfg.password = "xxxxxx";
    mqtt_cfg.client_id = "IDF";
    esp_mqtt_client_handle_t client = esp_mqtt_client_init(&mqtt_cfg);
    esp_mqtt_client_start(client);
    esp_mqtt_client_publish(client, "/teste/idf", "Testei", 6, 0, 0);

I tried writing "mqtt_cfg.transport=MQTT_TRANSPORT_OVER_SSL;" (it stops showing the error message but still fails to publish anything) and changing configurations in menuconfig, but none of that worked. Also, the documentation on the ESP-IDF webpage says something about having a "bool use_secure_element" in the config struct, but when I checked the library it wasn't there. Does anybody know how I can enable SSL/TLS without using certificates?

wilkxt
Posts: 15
Joined: Sun Mar 06, 2016 7:46 pm

Re: How to use MQTT with SSL/TLS without using a certificate

Postby wilkxt » Wed Jan 11, 2023 6:27 am

Hi
I have the same problem.
Did you manage to do it?
best regards, Tom

ESP_YJM
Posts: 300
Joined: Fri Feb 26, 2021 10:30 am

Re: How to use MQTT with SSL/TLS without using a certificate

Postby ESP_YJM » Wed Jan 11, 2023 12:40 pm

You can keep the MQTT config code and only enable CONFIG_ESP_TLS_SKIP_SERVER_CERT_VERIFY with idf.py menuconfig (Component config -> ESP-TLS -> [*] Allow potentially insecure options -> [*] Skip server ...)

wilkxt
Posts: 15
Joined: Sun Mar 06, 2016 7:46 pm

Re: How to use MQTT with SSL/TLS without using a certificate

Postby wilkxt » Wed Jan 11, 2023 12:57 pm

Thanks, it works
best regards, Tom

cruvus
Posts: 59
Joined: Fri Jul 08, 2022 5:08 pm
Location: Planet Earth

Re: How to use MQTT with SSL/TLS without using a certificate

Postby cruvus » Thu Jan 12, 2023 10:25 am

Is there a way to do this at runtime, temporarily?
ESP32 / ESP-IDF 5.1.4

ESP_YJM
Posts: 300
Joined: Fri Feb 26, 2021 10:30 am

Re: How to use MQTT with SSL/TLS without using a certificate

Postby ESP_YJM » Thu Jan 12, 2023 12:37 pm

No, configuring it at runtime is not supported. But if you want to check the server CA certificate, you could provide a trusted CA PEM in your MQTT config. When you provide a CA PEM, it will be used to check the server during the TLS handshake, regardless of whether you enable CONFIG_ESP_TLS_SKIP_SERVER_CERT_VERIFY or not.
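
A build-time check for the option discussed in this thread, as an added example that is not part of any post above or of ESP-IDF: because the skip-verification setting is fixed at build time, a CI step can read the generated sdkconfig and fail release builds that enable it. The function names and the sample sdkconfig contents are constructed for illustration.

```sh
#!/bin/sh
# Added example: audit an ESP-IDF sdkconfig for the ESP-TLS options from this
# thread. Function names and the sample files are constructed for illustration.

# kconfig_enabled FILE SYMBOL: succeeds only if FILE contains "SYMBOL=y".
# A disabled option is written as "# SYMBOL is not set" and does not match.
kconfig_enabled() {
    grep -Eq "^[[:space:]]*$2=y[[:space:]]*\$" "$1"
}

# audit_sdkconfig FILE
#   0 = skip-verify option is not enabled
#   1 = CONFIG_ESP_TLS_SKIP_SERVER_CERT_VERIFY=y (test-only build)
#   2 = FILE missing or unreadable
audit_sdkconfig() {
    [ -r "$1" ] || { echo "audit: cannot read $1" >&2; return 2; }
    if kconfig_enabled "$1" CONFIG_ESP_TLS_SKIP_SERVER_CERT_VERIFY; then
        echo "FAIL $1: TLS connections without a CA PEM skip server verification" >&2
        return 1
    fi
    if kconfig_enabled "$1" CONFIG_ESP_TLS_INSECURE; then
        echo "WARN $1: insecure ESP-TLS options are unlocked but skip-verify is off" >&2
    fi
    return 0
}

# Constructed sample inputs: a lab build, a release build, and a half-open one.
demo_dir=$(mktemp -d)
printf '%s\n' 'CONFIG_ESP_TLS_INSECURE=y' \
    'CONFIG_ESP_TLS_SKIP_SERVER_CERT_VERIFY=y' > "$demo_dir/sdkconfig.lab"
printf '%s\n' '# CONFIG_ESP_TLS_INSECURE is not set' > "$demo_dir/sdkconfig.release"
printf '%s\n' 'CONFIG_ESP_TLS_INSECURE=y' \
    '# CONFIG_ESP_TLS_SKIP_SERVER_CERT_VERIFY is not set' > "$demo_dir/sdkconfig.warn"

for f in "$demo_dir"/sdkconfig.*; do
    rc=0
    audit_sdkconfig "$f" || rc=$?
    echo "$(basename "$f"): exit $rc"
done
rm -rf "$demo_dir"
```

Run it against the sdkconfig in the project's build output; a non-zero exit marks a firmware image that should stay on the internal test network.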
