Page 1 of 1

How to use MQTT with SSL/TLS without using a certificate

Posted: Tue Jan 26, 2021 6:41 pm
by henrique2512
My company uses a MQTT server for internal tests that uses SSL without certificates, so in order to connect to it i would need to configure my esp for doing the same, i tested on arduino IDE and i can connect to my company's server using the library WiFiClientSecure.h , but i'm starting a new project and want to implement that on ESP-IDF.
I already tested MQTT on ESP-IDF without SSL/TLS on shiftr.io/try using the simplest implementation i could and it's working just fine, after that i changed to my company's server info and the code looks like this:

Code: Select all

 
 esp_mqtt_client_config_t mqtt_cfg = {0};
		  mqtt_cfg.host = "xxxxx";
	      mqtt_cfg.port = 8883;
	 mqtt_cfg.username = "xxxx";
	 mqtt_cfg.password = "xxxxxx";
	 mqtt_cfg.client_id = "IDF";
	esp_mqtt_client_handle_t client=esp_mqtt_client_init(&mqtt_cfg);
        esp_mqtt_client_start(client);
	esp_mqtt_client_publish(client,"/teste/idf", "Testei", 6, 0, 0);  
i tried writing "mqtt_cfg.transport=MQTT_TRANSPORT_OVER_SSL;" (stops showing error message but still fails to publish anything) or changing configurations on menuconfig , but none of that worked, also the documentation on ESP-IDF webpage says something about having a "bool use_secure_element" on config struct, but when i checked the library it wasn't there, does anybody know how can i enable SSL/TLS without using certificates?

Re: How to use MQTT with SSL/TLS without using a certificate

Posted: Wed Jan 11, 2023 6:27 am
by wilkxt
Hi
I have the same problem.
Did you manage to do it?

Re: How to use MQTT with SSL/TLS without using a certificate

Posted: Wed Jan 11, 2023 12:40 pm
by ESP_YJM
You can keep the mqtt config code and only enable CONFIG_ESP_TLS_SKIP_SERVER_CERT_VERIFY by idf.py menuconfig(Components config->ESP-TLS->[*]Allow potentially insecure options->[*] Skip server ...)

Re: How to use MQTT with SSL/TLS without using a certificate

Posted: Wed Jan 11, 2023 12:57 pm
by wilkxt
thanks, it works

Re: How to use MQTT with SSL/TLS without using a certificate

Posted: Thu Jan 12, 2023 10:25 am
by cruvus
Is there a way to do this in runtime, temporarily?

Re: How to use MQTT with SSL/TLS without using a certificate

Posted: Thu Jan 12, 2023 12:37 pm
by ESP_YJM
No, not support configure it in runtime. But if you want to check the server CA certificate, you could input a trusted CA pem in your MQTT config. When you input a CA pem, it will use the CA pem to check the server when TLS handshake, no matter you enable the config CONFIG_ESP_TLS_SKIP_SERVER_CERT_VERIFY or not .