0

Connection from ESP32 to Adafruit IO fails
Moderators: adafruit_support_bill, adafruit

Forum rules
If you're posting code, please make sure your code does not include your Adafruit IO Active Key or WiFi network credentials.
Please be positive and constructive with your questions and comments.

Connection from ESP32 to Adafruit IO fails

by fab64 on Mon Aug 02, 2021 5:32 am

I am trying to connect to Adafruit IO to use the MQTT Broker to make a POC for a customer. Everything works fine using Arduino Nano 33 IOT.

Connection from ESP32 always fails.

I have written a simple sketch just to test the connection. A very similar connection code running from Nano get connected.

Code: Select all | TOGGLE FULL SIZE
#include <WiFi.h>
#include <WiFiClientSecure.h>

const char ssid[] = "myssid";
const char pass[] = "mypassword";

#define BROKER_ADDRESS "io.adafruit.com"
#define BROKER_PORT 8883

/// Ca Cert Adafruit
const char* ca_cert1 = \
                       "-----BEGIN CERTIFICATE-----\n" \
                       "MIIGijCCBXKgAwIBAgIQAfUXR/1IrnlbCX0+CKqtnDANBgkqhkiG9w0BAQsFADBe\n" \
                       ...
                       ...
                       "ApmyW7PbQr+9lZuNzkqieNIt/VuCyNIKZEBJ3PA/2QfwvXdIpjE6M7yz+9kh9WdR\n" \
                       "Rg6qj6hPp2gvSQQrk361RY/sTtueAh4re8yyJDebH3B60kUwzNmMms7zcxQ0Ctvg\n" \
                       "/BDPVBd1VFF/tsoYO4P5iMar1YCl8BNozu6q4JP2E0HRygZD0U7vY2Gsi1wHdm5h\n" \
                       "VZnLJq6SRTbYUWY3tryEp2lJYQFiSoVfu5icebrLUVRmSl05PyYstjFekb9DCNyy\n" \
                       "LIBZsjmaFJoJCGo1y5cSqBYfwSsrq1aD9hn5LFeEVG+PEa10IlVv7l+33mLWZA==\n" \
                       "-----END CERTIFICATE-----\n";

WiFiClientSecure net;

void setup() {
  Serial.begin(115200);
  while (!Serial)
    ;

  delay(1500);
  Serial.println("Start");
  WiFi.begin(ssid, pass);
  Serial.println("checking wifi...");
  while (WiFi.status() != WL_CONNECTED) {
    Serial.print(".");
    delay(1000);
  }
  Serial.println("wifi connected");

  net.setCACert(ca_cert1);

  if (net.connect(BROKER_ADDRESS, BROKER_PORT)) {
    Serial.println("connected to server");
  }
  else {
    Serial.println("connection to server failed");
  }
}

void loop() {
  // put your main code here, to run repeatedly:

}


Any idea of what am I doing wrong?

fab64
 
Posts: 24
Joined: Sat Jun 14, 2014 12:11 pm

Re: Connection from ESP32 to Adafruit IO fails

by brubell on Mon Aug 02, 2021 10:05 am

You're attempting to connect to an MQTT broker using a HTTP client (`WiFiClientSecure`) library, you'll need to use a MQTT client such as the Adafruit_MQTT library or Arduino client MQTT Library. Otherwise, use the HTTP API with the WiFiClientSecure library.

brubell
 
Posts: 1513
Joined: Fri Jul 17, 2015 10:33 pm

Re: Connection from ESP32 to Adafruit IO fails

by fab64 on Mon Aug 02, 2021 12:27 pm

Thank you for your answer. Maybe my question was not clear enough.

My actual code uses an MQTT library (https://github.com/256dpi/arduino-mqtt) and doesn't connect to Adafruit IO.

Trying to sort the problem out I wrote the test code just to be sure that the issue is not related to SSL and/or the way I import the Adafruit IO certificate. I used that test code to check the SSL connection against other MQTT brokers (which use both self signed certificate and certificate signed by a CA) and if I can connect with the test code I can also connect with the MQTT Client.

My problem is that I cannot connect to Adafruit IO neither using the test code nor the MQTT Client.

Does Adafruit IO support only either Adafruit_MQTT or Arduino client MQTT Libraries?

Thanks

fab64
 
Posts: 24
Joined: Sat Jun 14, 2014 12:11 pm

Re: Connection from ESP32 to Adafruit IO fails

by brubell on Tue Aug 03, 2021 5:04 pm

Does Adafruit IO support only either Adafruit_MQTT or Arduino client MQTT Libraries?

No, it supports any MQTT client library.


My problem is that I cannot connect to Adafruit IO neither using the test code nor the MQTT Client.

Could you post your original code, which connects to IO's MQTT broker? I'll take a look.

brubell
 
Posts: 1513
Joined: Fri Jul 17, 2015 10:33 pm

Re: Connection from ESP32 to Adafruit IO fails

by fab64 on Wed Aug 04, 2021 3:24 am

Hi,
I realized that the problem is with the way I use the certificate. Replacing:
Code: Select all | TOGGLE FULL SIZE
    net.setCACert(ca_cert1);

with:
Code: Select all | TOGGLE FULL SIZE
    net.setInsecure();

everything works as expected.
I got the certificate opening https://io.adafruit.com/ and saving the certificate via Firefox.
I attached my simplified code.
Thank you for your support.
Attachments
ForumTest1.ino
(4.42 KiB) Downloaded 1 time

fab64
 
Posts: 24
Joined: Sat Jun 14, 2014 12:11 pm

Re: Connection from ESP32 to Adafruit IO fails

by fab64 on Thu Aug 05, 2021 12:42 pm

Any suggestions on how to properly load the CA certificate?
Thanks

fab64
 
Posts: 24
Joined: Sat Jun 14, 2014 12:11 pm

Re: Connection from ESP32 to Adafruit IO fails

by brubell on Mon Aug 09, 2021 10:06 am

The `setCACert` is the standard call, could you please post your code within
Code: Select all | TOGGLE FULL SIZE
code
tags instead of attaching it?

brubell
 
Posts: 1513
Joined: Fri Jul 17, 2015 10:33 pm

Re: Connection from ESP32 to Adafruit IO fails

by fab64 on Tue Aug 10, 2021 2:00 am

Here it is.

I have to truncate the certificate because of the error:

"Your message contains banned spam words. Please rephrase your post without the following words: ...."

Since I think the issue is related to the way manage the certificate, I attached the code unchanged in the previous message

Code: Select all | TOGGLE FULL SIZE
#include <WiFiClientSecure.h>
#include <MQTT.h>        // https://github.com/256dpi/arduino-mqtt


// Adafruit IO
#define BROKER_ADDRESS "io.adafruit.com"
#define BROKER_PORT 8883
#define BROKER_USER "<myuser>"
#define BROKER_PASSWORD "<mytoken>"

////

const char ssid[] = "<myssid>";
const char pass[] = "<mypassword>";



const char* ca_cert1 = \
"-----BEGIN CERTIFICATE-----\n" \
........
"-----END CERTIFICATE-----\n";                       


WiFiClientSecure net;
MQTTClient client;

unsigned long lastMillis = 0;


void setup() {
  Serial.begin(115200);
  Serial.println("Start");

  WiFi.begin(ssid, pass);

  Serial.print("Connecting to WiFi...");
  while (WiFi.status() != WL_CONNECTED) {
    Serial.print(".");
    delay(1000);
  }
  Serial.println(" connected!");
  net.setInsecure();                 // <-- This works!
  //net.setCACert(ca_cert1);         // <-- This doesn't work

  client.setOptions(60, false, 500);
  client.begin(BROKER_ADDRESS, BROKER_PORT, net);
  client.onMessage(messageReceived);

  connectToBroker();
}

void connectToBroker() {
 
  client.setOptions(20, true, 500);

  Serial.print("Connecting to MQTT Broker ...");
  while (!client.connect("ESP32", BROKER_USER, BROKER_PASSWORD)) {
    Serial.print("MQTT Client Disconnected! ");
    Serial.print(client.lastError()); Serial.println(" Return Code");
    Serial.println(client.returnCode());
    delay(1000);
  }

  Serial.println("connected!");

  // Subscriptions
  client.subscribe("fab64/feeds/Light");
}

void loop() {

  client.loop();

  if (!client.connected()) {
    connectToBroker();
  }

  // publish a message roughly every second.
  if (millis() - lastMillis > 60000) {

    lastMillis = millis();

    String payload = String(random(0, 100));
    client.publish("fab64/feeds/TC", payload, true, 1);   // retained - QoS 1
   
    Serial.println("Temperature updated");
  }

}

void messageReceived(String &topic, String &payload) {

  Serial.print("Topic: ["); Serial.print(topic); Serial.print("] Payload: "); Serial.println(payload);

}


fab64
 
Posts: 24
Joined: Sat Jun 14, 2014 12:11 pm

Re: Connection from ESP32 to Adafruit IO fails

by brubell on Fri Aug 13, 2021 9:31 am

What's the contents of the certificate? ca_cert1

Could you paste it into https://gist.github.com and then post it here? I want to match it against our server.

brubell
 
Posts: 1513
Joined: Fri Jul 17, 2015 10:33 pm

Re: Connection from ESP32 to Adafruit IO fails

by fab64 on Sat Aug 14, 2021 11:41 am


fab64
 
Posts: 24
Joined: Sat Jun 14, 2014 12:11 pm

Re: Connection from ESP32 to Adafruit IO fails

by brubell on Tue Aug 17, 2021 4:55 pm

IO's root CA looks like:

Code: Select all | TOGGLE FULL SIZE
  // io.adafruit.com root CA
  const char *_aio_root_ca =
      "-----BEGIN CERTIFICATE-----\n"
      "MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\n"
      "MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\n"
      "d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\n"
      "QTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\n"
      "MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\n"
      "b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n"
      "9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\n"
      "CSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\n"
      "nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n"
      "43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\n"
      "T19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\n"
      "gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\n"
      "BgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\n"
      "TLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\n"
      "DQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\n"
      "hMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n"
      "06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\n"
      "PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\n"
      "YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\n"
      "CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n"
      "-----END CERTIFICATE-----\n";


You'd want to set the CACert with Adafruit MQTT using the following command:

Code: Select all | TOGGLE FULL SIZE
_wifi_client_secure->setCACert(_aio_root_ca);

brubell
 
Posts: 1513
Joined: Fri Jul 17, 2015 10:33 pm

Please be positive and constructive with your questions and comments.