FreeRTOS On Demand Video — Debugging TCP and TLS connection issues w/ open source tools

In this issue with guest @lundinc, we cover how to debug a common issue we see on the FreeRTOS Community Forums — TLS handshake failure due to certificate mismatch. Specifically in this example demonstration, it’s actually an incorrect MQTT broker endpoint which was returning a root CA that we weren’t expecting.

To triage the issue, we use OpenSSL, TCPDUMP, and Wireshark to identify the root cause on a standard Raspberry Pi as an access point.

Commands run in the video:

  1. openssl s_client -showcerts -connect <<ENDPOINT ADDRESS>>

  2. sudo tcpdump -i wlan0 src <<DEVICE IP ADDRESS>> or dst <<DEVICE IP ADDRESS>> -w <<YOUR FILE NAME FOR TCP DUMP>>.pcap

  3. open <<YOUR FILE NAME FOR TCP DUMP>>.pcap