ESP32 Forum

Posted: **Sun May 15, 2022 3:10 pm**

Hi everybody,
I'm trying to get connected to cloudMQTT using AT commands and as long as I simply connect using TCP it works just fine. When it comes to certificate I start having troubles.
I have three certificates tested using MQTT.fx therefore I consider them valid and correct.

The list of commands I'm using:

AT+MQTTUSERCFG=0,3,"publisher","user-id","password",0,0,"" (parameter "scheme" can be either 3,4 or 5)
AT+MQTTUSERCFG=0,3,"subscriber","user-id","password",0,0,"" (parameter "scheme" can be either 3,4 or 5)
AT+MQTTCONN=0,"m24.cloudmqtt.com",29768,1

I'm getting "error" message all the time.

The certificates have been loaded using
AT+SYSFLASH=2,"mqtt_cert",0,2054
AT+SYSFLASH=2,"mqtt_ca",0,2208
AT+SYSFLASH=2,"mqtt_key",0,3308

I have loaded the certificates either in plain text or converted in .bin using ATPKI.py with no success.

I also use these command to get date and time for certificate validity check

AT+CIPSNTPCFG=1,8,"ntp1.aliyun.com"
AT+CIPSNTPTIME?

I'm obviously missing something but after days of trial I can't figure out what is wrong.

Any bit of help will be appreciate.

Posted: **Mon May 16, 2022 1:17 am**

Move -> AT forum

Posted: **Fri Jul 15, 2022 9:19 pm**

I am using AT command FW 2.4.0 and I confirm that sending the certificate files with binary header via AT command AT+SYSFLASH does not work even when certificates are properly generated with atpki script.

This said, sending the private key file via UART AT command is a terrible practice for security.

A working solution that I tested is to program the certificates files to flash directly via flash download tool.
To find the right offset, you need to look into esp-at-release-2.4.0.0 github repo, and look for file module_config/module_esp32_default/at_customize.csv

Posted: **Mon Jul 18, 2022 4:14 am**

giulio wrote: ↑
Sun May 15, 2022 3:10 pm
Hi everybody,
I'm trying to get connected to cloudMQTT using AT commands and as long as I simply connect using TCP it works just fine. When it comes to certificate I start having troubles.
I have three certificates tested using MQTT.fx therefore I consider them valid and correct.

The list of commands I'm using:

AT+MQTTUSERCFG=0,3,"publisher","user-id","password",0,0,"" (parameter "scheme" can be either 3,4 or 5)
AT+MQTTUSERCFG=0,3,"subscriber","user-id","password",0,0,"" (parameter "scheme" can be either 3,4 or 5)
AT+MQTTCONN=0,"m24.cloudmqtt.com",29768,1

I'm getting "error" message all the time.

The certificates have been loaded using
AT+SYSFLASH=2,"mqtt_cert",0,2054
AT+SYSFLASH=2,"mqtt_ca",0,2208
AT+SYSFLASH=2,"mqtt_key",0,3308

I have loaded the certificates either in plain text or converted in .bin using ATPKI.py with no success.

I also use these command to get date and time for certificate validity check

AT+CIPSNTPCFG=1,8,"ntp1.aliyun.com"
AT+CIPSNTPTIME?

I'm obviously missing something but after days of trial I can't figure out what is wrong.

Any bit of help will be appreciate.

Hi,

You may need to use

Code: Select all

AT+SYSFLASH=0,"mqtt_cert"

to first erase the partition, then use

Code: Select all

AT+SYSFLASH=1,"mqtt_cert",0,<actual length of the certificate>

to write the certificate, and finally use

Code: Select all

AT+SYSFLASH=2, "mqtt_cert",0,2054

to query certificate.

Hope the above method works for you.

ESP32 Forum

at command MQTT

at command MQTT

Re: at command MQTT

Re: at command MQTT

Re: at command MQTT