mqtt ssl example certificate error in esp idf

[jaimits]

Hii;

I am facing issue to connect wifi mqtt with ssl. i already generated client certificate and key. when i try to run example code
(esp-idf\examples\protocols\mqtt\ssl)i get below error.


E (7204) esp-tls-mbedtls: mbedtls_x509_crt_parse returned -0x2180
E (7204) esp-tls-mbedtls: Failed to set client pki context
E (7204) esp-tls-mbedtls: Failed to set client configurations
E (7214) esp-tls: create_ssl_handle failed
E (7214) esp-tls: Failed to open new connection
E (7214) TRANS_SSL: Failed to open a new connection
E (7224) MQTT_CLIENT: Error transport connect
I (7234) MQTTS_EXAMPLE: MQTT_EVENT_ERROR
I (7234) MQTTS_EXAMPLE: MQTT_EVENT_DISCONNECTED

can someone guide me what i m doing wrong???

[Zoptune]

Hi jaimits,

As described in the logs, the problem here comes from the certificate :

Code: Select all

 E (7204) esp-tls-mbedtls: mbedtls_x509_crt_parse returned -0x2180

First you are saying that you created both client key and certificate but the example you are using (examples\protocols\mqtt\ssl) is only for server authentication.
For mutual authentication use the example examples\protocols\mqtt\ssl_mutual_auth

Then make sure that the commands you are using to generate certificates and keys are correct.
To create a self-signed certificate with openssl it should be something like :

Code: Select all

openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout client.key -out client.crt

To avoid errors you really need to understand how mutual auth and more generally PKI works.