Connection from ESP32 to Adafruit IO fails

Moderators: adafruit_support_bill, adafruit

Forum rules
If you're posting code, please make sure your code does not include your Adafruit IO Active Key or WiFi network credentials.
Locked
User avatar
fab64
 
Posts: 24
Joined: Sat Jun 14, 2014 12:11 pm

Connection from ESP32 to Adafruit IO fails

Post by fab64 »

I am trying to connect to Adafruit IO to use the MQTT Broker to make a POC for a customer. Everything works fine using Arduino Nano 33 IOT.

Connection from ESP32 always fails.

I have written a simple sketch just to test the connection. A very similar connection code running from Nano get connected.

Code: Select all

#include <WiFi.h>
#include <WiFiClientSecure.h>

const char ssid[] = "myssid";
const char pass[] = "mypassword";

#define BROKER_ADDRESS "io.adafruit.com" 
#define BROKER_PORT 8883

/// Ca Cert Adafruit
const char* ca_cert1 = \
                       "-----BEGIN CERTIFICATE-----\n" \
                       "MIIGijCCBXKgAwIBAgIQAfUXR/1IrnlbCX0+CKqtnDANBgkqhkiG9w0BAQsFADBe\n" \
                       ...
                       ...
                       "ApmyW7PbQr+9lZuNzkqieNIt/VuCyNIKZEBJ3PA/2QfwvXdIpjE6M7yz+9kh9WdR\n" \
                       "Rg6qj6hPp2gvSQQrk361RY/sTtueAh4re8yyJDebH3B60kUwzNmMms7zcxQ0Ctvg\n" \
                       "/BDPVBd1VFF/tsoYO4P5iMar1YCl8BNozu6q4JP2E0HRygZD0U7vY2Gsi1wHdm5h\n" \
                       "VZnLJq6SRTbYUWY3tryEp2lJYQFiSoVfu5icebrLUVRmSl05PyYstjFekb9DCNyy\n" \
                       "LIBZsjmaFJoJCGo1y5cSqBYfwSsrq1aD9hn5LFeEVG+PEa10IlVv7l+33mLWZA==\n" \
                       "-----END CERTIFICATE-----\n";

WiFiClientSecure net;

void setup() {
  Serial.begin(115200);
  while (!Serial)
    ;

  delay(1500);
  Serial.println("Start");
  WiFi.begin(ssid, pass);
  Serial.println("checking wifi...");
  while (WiFi.status() != WL_CONNECTED) {
    Serial.print(".");
    delay(1000);
  }
  Serial.println("wifi connected");

  net.setCACert(ca_cert1);

  if (net.connect(BROKER_ADDRESS, BROKER_PORT)) {
    Serial.println("connected to server");
  }
  else {
    Serial.println("connection to server failed");
  }
}

void loop() {
  // put your main code here, to run repeatedly:

}
Any idea of what am I doing wrong?

User avatar
brubell
Learn User Page
 
Posts: 2010
Joined: Fri Jul 17, 2015 10:33 pm

Re: Connection from ESP32 to Adafruit IO fails

Post by brubell »

You're attempting to connect to an MQTT broker using a HTTP client (`WiFiClientSecure`) library, you'll need to use a MQTT client such as the Adafruit_MQTT library or Arduino client MQTT Library. Otherwise, use the HTTP API with the WiFiClientSecure library.

User avatar
fab64
 
Posts: 24
Joined: Sat Jun 14, 2014 12:11 pm

Re: Connection from ESP32 to Adafruit IO fails

Post by fab64 »

Thank you for your answer. Maybe my question was not clear enough.

My actual code uses an MQTT library (https://github.com/256dpi/arduino-mqtt) and doesn't connect to Adafruit IO.

Trying to sort the problem out I wrote the test code just to be sure that the issue is not related to SSL and/or the way I import the Adafruit IO certificate. I used that test code to check the SSL connection against other MQTT brokers (which use both self signed certificate and certificate signed by a CA) and if I can connect with the test code I can also connect with the MQTT Client.

My problem is that I cannot connect to Adafruit IO neither using the test code nor the MQTT Client.

Does Adafruit IO support only either Adafruit_MQTT or Arduino client MQTT Libraries?

Thanks

User avatar
brubell
Learn User Page
 
Posts: 2010
Joined: Fri Jul 17, 2015 10:33 pm

Re: Connection from ESP32 to Adafruit IO fails

Post by brubell »

Does Adafruit IO support only either Adafruit_MQTT or Arduino client MQTT Libraries?
No, it supports any MQTT client library.

My problem is that I cannot connect to Adafruit IO neither using the test code nor the MQTT Client.
Could you post your original code, which connects to IO's MQTT broker? I'll take a look.

User avatar
fab64
 
Posts: 24
Joined: Sat Jun 14, 2014 12:11 pm

Re: Connection from ESP32 to Adafruit IO fails

Post by fab64 »

Hi,
I realized that the problem is with the way I use the certificate. Replacing:

Code: Select all

    net.setCACert(ca_cert1);
with:

Code: Select all

    net.setInsecure();
everything works as expected.
I got the certificate opening https://io.adafruit.com/ and saving the certificate via Firefox.
I attached my simplified code.
Thank you for your support.
Attachments

[The extension ino has been deactivated and can no longer be displayed.]


User avatar
fab64
 
Posts: 24
Joined: Sat Jun 14, 2014 12:11 pm

Re: Connection from ESP32 to Adafruit IO fails

Post by fab64 »

Any suggestions on how to properly load the CA certificate?
Thanks

User avatar
brubell
Learn User Page
 
Posts: 2010
Joined: Fri Jul 17, 2015 10:33 pm

Re: Connection from ESP32 to Adafruit IO fails

Post by brubell »

The `setCACert` is the standard call, could you please post your code within

Code: Select all

code
tags instead of attaching it?

User avatar
fab64
 
Posts: 24
Joined: Sat Jun 14, 2014 12:11 pm

Re: Connection from ESP32 to Adafruit IO fails

Post by fab64 »

Here it is.

I have to truncate the certificate because of the error:

"Your message contains banned spam words. Please rephrase your post without the following words: ...."

Since I think the issue is related to the way manage the certificate, I attached the code unchanged in the previous message

Code: Select all

#include <WiFiClientSecure.h>
#include <MQTT.h>        // https://github.com/256dpi/arduino-mqtt


// Adafruit IO
#define BROKER_ADDRESS "io.adafruit.com"
#define BROKER_PORT 8883
#define BROKER_USER "<myuser>"
#define BROKER_PASSWORD "<mytoken>"

////

const char ssid[] = "<myssid>";
const char pass[] = "<mypassword>";



const char* ca_cert1 = \
"-----BEGIN CERTIFICATE-----\n" \
........
"-----END CERTIFICATE-----\n";                       


WiFiClientSecure net;
MQTTClient client;

unsigned long lastMillis = 0;


void setup() {
  Serial.begin(115200);
  Serial.println("Start");

  WiFi.begin(ssid, pass);

  Serial.print("Connecting to WiFi...");
  while (WiFi.status() != WL_CONNECTED) {
    Serial.print(".");
    delay(1000);
  }
  Serial.println(" connected!");
  net.setInsecure();                 // <-- This works!
  //net.setCACert(ca_cert1);         // <-- This doesn't work

  client.setOptions(60, false, 500);
  client.begin(BROKER_ADDRESS, BROKER_PORT, net);
  client.onMessage(messageReceived);

  connectToBroker();
}

void connectToBroker() {
  
  client.setOptions(20, true, 500);

  Serial.print("Connecting to MQTT Broker ...");
  while (!client.connect("ESP32", BROKER_USER, BROKER_PASSWORD)) {
    Serial.print("MQTT Client Disconnected! ");
    Serial.print(client.lastError()); Serial.println(" Return Code");
    Serial.println(client.returnCode());
    delay(1000);
  }

  Serial.println("connected!");

  // Subscriptions
  client.subscribe("fab64/feeds/Light");
}

void loop() {

  client.loop();

  if (!client.connected()) {
    connectToBroker();
  }

  // publish a message roughly every second.
  if (millis() - lastMillis > 60000) {

    lastMillis = millis();

    String payload = String(random(0, 100));
    client.publish("fab64/feeds/TC", payload, true, 1);   // retained - QoS 1
    
    Serial.println("Temperature updated");
  }

}

void messageReceived(String &topic, String &payload) {

  Serial.print("Topic: ["); Serial.print(topic); Serial.print("] Payload: "); Serial.println(payload);

}


User avatar
brubell
Learn User Page
 
Posts: 2010
Joined: Fri Jul 17, 2015 10:33 pm

Re: Connection from ESP32 to Adafruit IO fails

Post by brubell »

What's the contents of the certificate? ca_cert1

Could you paste it into https://gist.github.com and then post it here? I want to match it against our server.

User avatar
fab64
 
Posts: 24
Joined: Sat Jun 14, 2014 12:11 pm

Re: Connection from ESP32 to Adafruit IO fails

Post by fab64 »


User avatar
brubell
Learn User Page
 
Posts: 2010
Joined: Fri Jul 17, 2015 10:33 pm

Re: Connection from ESP32 to Adafruit IO fails

Post by brubell »

IO's root CA looks like:

Code: Select all

  // io.adafruit.com root CA
  const char *_aio_root_ca =
      "-----BEGIN CERTIFICATE-----\n"
      "MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\n"
      "MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\n"
      "d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\n"
      "QTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\n"
      "MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\n"
      "b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n"
      "9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\n"
      "CSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\n"
      "nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n"
      "43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\n"
      "T19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\n"
      "gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\n"
      "BgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\n"
      "TLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\n"
      "DQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\n"
      "hMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n"
      "06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\n"
      "PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\n"
      "YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\n"
      "CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n"
      "-----END CERTIFICATE-----\n";
You'd want to set the CACert with Adafruit MQTT using the following command:

Code: Select all

_wifi_client_secure->setCACert(_aio_root_ca);

Locked
Forum rules
If you're posting code, please make sure your code does not include your Adafruit IO Active Key or WiFi network credentials.

Return to “Internet of Things: Adafruit IO and Wippersnapper”