Hello Team,
We are using WICED SDK 3.3.1. We want to use SSL security while communicating over MQTT. Can you please provide sample code for using SSL security with the MQTT protocol?
Thanks and Regards,
Amit
Refer to WICED SDK supporting Amazon Web Services 3.4.0-AWS.
This has a sample application over TLS 1.2. We do not have an example using SSL, and support for SSL is deprecated in our SDK.
Thanks,
vik86
The answer to this question for the now deprecated library is pretty basic. I've noticed a couple of problems with the old library, but currently no show stoppers. First, it is necessary to fix three lines of code in "MQTTWiced.c". In functions "wiced_mqtt_connect", "wiced_mqtt_subscribe" and "wiced_mqtt_publish", modify the return line to: "return ( rc == MQTT_FAILURE ) ? WICED_ERROR : WICED_SUCCESS;". In function "wiced_read", change the last statement from "return result;" to "return -1;". This fixes another problem.
This fixes a logic issue. In "wicked_lib.c" modify the very last statement from "return -1;" to "return error;". This fixes a logic error in that code.
Finally, the following code works perfectly with my MQTT server with a self-signed CA certificate. I need to point out that this code has the original Google CA certificate and that is worthless. For this code to work, you'll need to use OpenSSL to generate your own self-signed certificate and server certificates.
The basic code looks like this:
```c
#include "wiced.h"
/* The MQTT library header, the MQTT_* and MQTTS_BROKER_PORT macros, the root CA
 * string and the messageArrived() callback are defined elsewhere in the
 * application and are not shown in this post. */

void application_start( )
{
    Network                    mqtt_network;
    Client                     mqtt_client;
    unsigned char              buf[ 100 ];
    unsigned char              readbuf[ 100 ];
    wiced_result_t             result;
    const char*                peer_cn = MQTT_TARGET_IP; /* name expected in the broker certificate */
    wiced_tls_simple_context_t context;
    wiced_ip_address_t         ip_address;

    wiced_init( ); /* Set up the WICED core and the WLAN connection */

    /* Initialize MQTT */
    wiced_mqtt_init( &mqtt_network ); /* set up function pointers */
    wiced_mqtt_buffer_init( &mqtt_client, &mqtt_network, buf, sizeof( buf ), readbuf, sizeof( readbuf ) );
    mqtt_network.hostname   = MQTT_TARGET_IP;
    mqtt_network.ip_address = &ip_address;
    mqtt_network.port       = MQTTS_BROKER_PORT;

    /* Bring up the network interface */
    result = wiced_network_up( WICED_STA_INTERFACE, WICED_USE_EXTERNAL_DHCP_SERVER, NULL );
    if ( result != WICED_SUCCESS )
    {
        WPRINT_APP_INFO( ( "Error: network interface failed to come up: %u\n", result ) );
        return;
    }

    WPRINT_APP_INFO( ( "Resolving IP address of Secure MQTTS server\n" ) );
    result = wiced_hostname_lookup( mqtt_network.hostname, &ip_address, 10000 );
    if ( result != WICED_SUCCESS )
    {
        WPRINT_APP_INFO( ( "Error: hostname lookup failed: %u\n", result ) );
        return;
    }
    WPRINT_APP_INFO( ( "Server is at %u.%u.%u.%u\n", (uint8_t)( GET_IPV4_ADDRESS( ip_address ) >> 24 ),
                                                    (uint8_t)( GET_IPV4_ADDRESS( ip_address ) >> 16 ),
                                                    (uint8_t)( GET_IPV4_ADDRESS( ip_address ) >> 8 ),
                                                    (uint8_t)( GET_IPV4_ADDRESS( ip_address ) >> 0 ) ) );

    /* Initialize the root CA certificate.
     * Replace google_root_ca_certificate with your own CA certificate (see the note above). */
    result = wiced_tls_init_root_ca_certificates( google_root_ca_certificate );
    if ( result != WICED_SUCCESS )
    {
        WPRINT_APP_INFO( ( "Error: Root CA certificate failed to initialize: %u\n", result ) );
        return;
    }

    /* Got the root certificate loaded */
    wiced_tls_init_simple_context( &context, peer_cn );

    if ( wiced_tcp_create_socket( &mqtt_network.my_socket, WICED_STA_INTERFACE ) != WICED_SUCCESS )
    {
        WPRINT_APP_INFO( ( "TCP socket creation failed\n" ) );
        return;
    }

    /* Attach the TLS context so the connect below performs the TLS handshake */
    result = wiced_tcp_enable_tls( &mqtt_network.my_socket, &context );
    if ( result != WICED_SUCCESS )
    {
        wiced_tcp_delete_socket( &mqtt_network.my_socket );
        WPRINT_APP_INFO( ( "Error: could not enable TLS on the socket: %u\n", result ) );
        return;
    }

    /* Create the socket connection */
    result = wiced_tcp_connect( &mqtt_network.my_socket, &ip_address, mqtt_network.port, 20000 );
    if ( result != WICED_SUCCESS )
    {
        wiced_tcp_delete_socket( &mqtt_network.my_socket );
        WPRINT_APP_INFO( ( "TCP Connect Failure\n" ) );
        return;
    }

    /* Got the socket connection completed */
    WPRINT_APP_INFO( ( "Secure Connection Setup completed\n" ) );

    /* This sets up stuff in the mqtt_client structure and connects */
    result = wiced_mqtt_connect( &mqtt_client, MQTT_CLIENT_ID, MQTT_USERNAME, MQTT_PASSWD );
    if ( result != WICED_SUCCESS )
    {
        wiced_tcp_delete_socket( &mqtt_network.my_socket );
        WPRINT_APP_INFO( ( "MQTT Connect Failure = %d\n", result ) );
        return;
    }

    /* This sets up stuff in the mqtt_client structure */
    result = wiced_mqtt_subscribe( &mqtt_client, MQTT_TOPIC_NAME, messageArrived );
    if ( result != WICED_SUCCESS )
    {
        wiced_tcp_delete_socket( &mqtt_network.my_socket );
        WPRINT_APP_INFO( ( "MQTT Subscribe Failure = %d\n", result ) );
        return;
    }

    /* Poll for incoming messages on the subscription */
    while ( 1 )
    {
        wiced_subscribe( &mqtt_client );
        wiced_rtos_delay_milliseconds( 100 );
    }
}
```
I can't figure out how to attach the code here so...Enjoy.
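
The OpenSSL step mentioned in the post above, sketched as an added example (not the poster's commands and not part of the SDK): it creates a private CA, issues a broker certificate whose name matches what the client expects in `peer_cn`, and checks the result before anything is flashed. The file names, the CA name and the host `mqtt.example.test` are constructed placeholders.

```shell
#!/bin/sh
# Added example: private CA + broker certificate for a TLS-protected MQTT broker.
# All file names and subject names are placeholders chosen for illustration.

# Create a self-signed CA in directory $1 (ca.key stays off the device).
make_ca() {
    printf '%s\n' '[req]' 'distinguished_name = dn' 'x509_extensions = v3_ca' \
        'prompt = no' '[dn]' 'CN = Example MQTT Test CA' '[v3_ca]' \
        'basicConstraints = critical,CA:TRUE' \
        'keyUsage = critical,keyCertSign,cRLSign' > "$1/openssl.cnf"
    openssl req -x509 -new -newkey rsa:2048 -nodes -sha256 -days 365 \
        -config "$1/openssl.cnf" -keyout "$1/ca.key" -out "$1/ca.crt"
}

# Issue a broker certificate in directory $1 for host name $2, signed by the CA.
# The same name goes into CN and subjectAltName so either check matches.
make_server_cert() {
    printf 'basicConstraints=CA:FALSE\nsubjectAltName=DNS:%s\n' "$2" > "$1/server.ext"
    openssl req -new -newkey rsa:2048 -nodes -sha256 -config "$1/openssl.cnf" \
        -subj "/CN=$2" -keyout "$1/server.key" -out "$1/server.csr" &&
    openssl x509 -req -in "$1/server.csr" -CA "$1/ca.crt" -CAkey "$1/ca.key" \
        -CAcreateserial -sha256 -days 365 -extfile "$1/server.ext" \
        -out "$1/server.crt"
}

# Succeeds only if server.crt chains to ca.crt (what the client will check).
verify_chain() {
    openssl verify -CAfile "$1/ca.crt" "$1/server.crt" >/dev/null 2>&1
}

# Succeeds only if certificate $1 is valid for host name $2.
cert_matches_host() {
    openssl x509 -in "$1" -noout -checkhost "$2" | grep -q "does match"
}

# Print PEM file $1 as C string literal lines, to paste in place of the
# CA string the application passes to wiced_tls_init_root_ca_certificates().
pem_to_c_string() {
    sed 's/.*/"&\\n"/' "$1"
}

# Run as: script.sh <output-dir> <broker-host-name>
if [ "$#" -ge 2 ]; then
    make_ca "$1" && make_server_cert "$1" "$2" && verify_chain "$1" &&
        cert_matches_host "$1/server.crt" "$2" && pem_to_c_string "$1/ca.crt"
fi
```

Only `ca.crt` belongs in the firmware; `server.key` and `server.crt` go on the broker, and `ca.key` should stay on the machine that issues certificates.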