at command MQTT

giulio
Posts: 1
Joined: Sun May 15, 2022 2:46 pm

at command MQTT

Postby giulio » Sun May 15, 2022 3:10 pm

Hi everybody,
I'm trying to get connected to cloudMQTT using AT commands and as long as I simply connect using TCP it works just fine. When it comes to certificate I start having troubles.
I have three certificates tested using MQTT.fx therefore I consider them valid and correct.

The list of commands I'm using:

AT+MQTTUSERCFG=0,3,"publisher","user-id","password",0,0,"" (parameter "scheme" can be either 3,4 or 5)
AT+MQTTUSERCFG=0,3,"subscriber","user-id","password",0,0,"" (parameter "scheme" can be either 3,4 or 5)
AT+MQTTCONN=0,"m24.cloudmqtt.com",29768,1

I'm getting "error" message all the time.

The certificates have been loaded using
AT+SYSFLASH=2,"mqtt_cert",0,2054
AT+SYSFLASH=2,"mqtt_ca",0,2208
AT+SYSFLASH=2,"mqtt_key",0,3308

I have loaded the certificates either in plain text or converted in .bin using ATPKI.py with no success.

I also use these command to get date and time for certificate validity check

AT+CIPSNTPCFG=1,8,"ntp1.aliyun.com"
AT+CIPSNTPTIME?

I'm obviously missing something but after days of trial I can't figure out what is wrong.

Any bit of help will be appreciate.

ESP_Sprite
Posts: 9709
Joined: Thu Nov 26, 2015 4:08 am

Re: at command MQTT

Postby ESP_Sprite » Mon May 16, 2022 1:17 am

Move -> AT forum

TiboRich
Posts: 1
Joined: Fri Jul 15, 2022 4:12 pm

Re: at command MQTT

Postby TiboRich » Fri Jul 15, 2022 9:19 pm

I am using AT command FW 2.4.0 and I confirm that sending the certificate files with binary header via AT command AT+SYSFLASH does not work even when certificates are properly generated with atpki script.

This said, sending the private key file via UART AT command is a terrible practice for security.

A working solution that I tested is to program the certificates files to flash directly via flash download tool.
To find the right offset, you need to look into esp-at-release-2.4.0.0 github repo, and look for file module_config/module_esp32_default/at_customize.csv

ESP_Sun
Posts: 326
Joined: Thu Dec 30, 2021 9:52 am

Re: at command MQTT

Postby ESP_Sun » Mon Jul 18, 2022 4:14 am

giulio wrote:
Sun May 15, 2022 3:10 pm
Hi everybody,
I'm trying to get connected to cloudMQTT using AT commands and as long as I simply connect using TCP it works just fine. When it comes to certificate I start having troubles.
I have three certificates tested using MQTT.fx therefore I consider them valid and correct.

The list of commands I'm using:

AT+MQTTUSERCFG=0,3,"publisher","user-id","password",0,0,"" (parameter "scheme" can be either 3,4 or 5)
AT+MQTTUSERCFG=0,3,"subscriber","user-id","password",0,0,"" (parameter "scheme" can be either 3,4 or 5)
AT+MQTTCONN=0,"m24.cloudmqtt.com",29768,1

I'm getting "error" message all the time.

The certificates have been loaded using
AT+SYSFLASH=2,"mqtt_cert",0,2054
AT+SYSFLASH=2,"mqtt_ca",0,2208
AT+SYSFLASH=2,"mqtt_key",0,3308

I have loaded the certificates either in plain text or converted in .bin using ATPKI.py with no success.

I also use these command to get date and time for certificate validity check

AT+CIPSNTPCFG=1,8,"ntp1.aliyun.com"
AT+CIPSNTPTIME?

I'm obviously missing something but after days of trial I can't figure out what is wrong.

Any bit of help will be appreciate.
Hi,

You may need to use

Code: Select all

AT+SYSFLASH=0,"mqtt_cert"
to first erase the partition, then use

Code: Select all

AT+SYSFLASH=1,"mqtt_cert",0,<actual length of the certificate>
to write the certificate, and finally use

Code: Select all

AT+SYSFLASH=2, "mqtt_cert",0,2054
to query certificate.

Hope the above method works for you.

Who is online

Users browsing this forum: No registered users and 31 guests