[solved] MQTT and tls



  • Hello there,

    I have to use mqtt over tls connection.
    right now I am using simple mqtt lib
    Can you recommend me a library, or some code snippet? So far googleing doesn't brought me any luck



  • I found the issue.
    I got wrong login name and pass from the client....



  • Thanks for the library, and sample. That was a great help.
    Let me share my result so far.

    So my first error was: cannot convert str to int. for this line

    self.sock = ussl.wrap_socket(self.sock, **self.ssl_params)
    

    in simple.py, This is my call by the way:

    c = MQTTClient(client_id="GH001a", server="######",user=b"######", password=b"#####", ssl=True, ssl_params={"cert_reqs":"ssl.CERT_REQUIRED", "ca_certs":"/flash/cert/fullchain1.pem"})
    

    what I come up with (I know it's not nice) to hard code into the simple.py file like this:

     self.sock = ssl.wrap_socket(self.sock, cert_reqs=ssl.CERT_REQUIRED, ca_certs='/flash/cert/fullchain1.pem')
    

    The second error wast that CA file not found. That was not hard to crack, just edit pymark.json sync_file_types attribute.

    The third and current error is MQTTException: 5 for line 102 in simple.py

    raise MQTTException(resp[3])
    

    on the server side it's look like this: Socket error on client <unknown>, disconnecting.

    this is where I'am stuck right now.



  • @tttadam
    using the default mqtt library and the ussl library
    put the root ca certificate in the cert directory (you have to rename it ca.pem in earlier versions but than maybe changed)
    the communications now go over ssl. use the mqttc client as before.

    from mqtt import MQTTClient
    import ussl
    
    # mqtt definitions
    ssl_params = {'cert_reqs':ussl.CERT_REQUIRED, 'ca_certs':'/flash/cert/ca.pem'}
    mqttc = MQTTClient(
        <yourmachinename>,
        <yourmqttserver>,
        keepalive=60,
        ssl=True,
        ssl_params=ssl_params
    )
    

    best regards
    André



  • hmmm, Can you show me an example how the TLS part works, how should I use it?
    Thanks.




Log in to reply
 

Pycom on Twitter