MQTT mutual auth demo "Failed to perform TLS handshake"

I’ve achieved communication with the AWS MQTT broker. It was pretty straightforward. OK, now to port to the nRF9160DK board.

Glad that it worked for you.

I had this same error trying to connect to a Mosquitto broker:
[ERROR][NET] (Network connection 1fff9c60) Failed to perform SSL handshake. error: X509 - Certificate verification failed, e.g. CRL, CA or signature check failed.
using the AWS IoT Demo of the AWS IoT Client in a Cortex M4. I use Keil with the MDK Network interface (not Freertos TCP).
In this case I solved it by setting disableSni to true in the IotNetworkCredentials struct:

credentials.disableSni = true;

I will also try making all the certificates with different names, but this does the trick for now.

Thanks!

Edit: it seems that changing the “Organization Name” of each certificate doesn’t work; disableSni will be used until there is a clearer resolution of this error.

Thank you for taking time to report back.

Hi Gaurav,

Could you please share all the steps to generate the keys and the certificates, because I am also stuck here (I have a doubt about the common name for each step).

When I do a test with the Mosquitto broker using the domain name, it works; with my IP address, 192.168.3.98, it doesn’t work (I don’t know why; perhaps I misunderstood how to configure a new certificate for the client and the server).

Also, what address did you specify for democonfigMQTT_BROKER_ENDPOINT? The readme mqtt_broker_setup.txt says you must specify the IP address of the machine, not the “localhost” or “127.0.0.1” address.

Thanks for your help.

These are all the steps I did: MQTT mutual auth demo "Failed to perform TLS handshake" - #19 by aggarg. As already mentioned above, just use a different CN for all the certificates and verify your certificates using the command mentioned in the same post.

The IP address of your machine should work here.
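Added example, not code from this thread or from the FreeRTOS project: a POSIX shell script that builds a throw-away PKI for a local Mosquitto broker the way the post above recommends (a distinct CN on every certificate) and then runs the checks a practitioner would want before flashing the board: each leaf chains to the CA with openssl verify, no leaf carries the CA's own subject, and the broker CN is exactly the string configured as democonfigMQTT_BROKER_ENDPOINT. It assumes openssl is on PATH; the organization name, the client CN and the endpoint 192.168.3.98 (the address used in this thread) are constructed sample values.

```shell
#!/bin/sh
# Added example, not code from the thread or from FreeRTOS: build a throw-away
# PKI for a local Mosquitto broker with a distinct CN on every certificate, then
# run the checks worth doing before blaming the TLS stack. Assumes "openssl" is
# on PATH. "ExampleLab", "mqtt-client-001" and the endpoint "192.168.3.98" are
# constructed sample values.
set -eu

# Build a CA, a broker certificate and a client certificate under $1.
# $2 is the exact string the client puts in democonfigMQTT_BROKER_ENDPOINT.
gen_pki() {
  dir=$1; endpoint=$2
  mkdir -p "$dir"
  # "x509 -req" applies no extensions unless told to, so state explicitly which
  # certificate is the CA and what each leaf may be used for.
  printf 'basicConstraints=critical,CA:TRUE\nkeyUsage=critical,keyCertSign\n' >"$dir/ca.ext"
  printf 'basicConstraints=CA:FALSE\nextendedKeyUsage=serverAuth\n' >"$dir/broker.ext"
  printf 'basicConstraints=CA:FALSE\nextendedKeyUsage=clientAuth\n' >"$dir/client.ext"

  # 1. Self-signed CA with its own, unique CN.
  openssl req -new -newkey rsa:2048 -nodes -keyout "$dir/ca.key" \
    -out "$dir/ca.csr" -subj "/O=ExampleLab/CN=ExampleLab Root CA" 2>/dev/null
  openssl x509 -req -days 365 -sha256 -in "$dir/ca.csr" -signkey "$dir/ca.key" \
    -extfile "$dir/ca.ext" -out "$dir/ca.crt" 2>/dev/null

  # 2. Broker certificate: CN is the endpoint string, so host-name matching passes.
  openssl req -new -newkey rsa:2048 -nodes -keyout "$dir/broker.key" \
    -out "$dir/broker.csr" -subj "/O=ExampleLab/CN=$endpoint" 2>/dev/null
  openssl x509 -req -days 365 -sha256 -in "$dir/broker.csr" -CA "$dir/ca.crt" \
    -CAkey "$dir/ca.key" -CAcreateserial -extfile "$dir/broker.ext" \
    -out "$dir/broker.crt" 2>/dev/null

  # 3. Client certificate: a third CN; the broker only needs it to chain to the CA.
  openssl req -new -newkey rsa:2048 -nodes -keyout "$dir/client.key" \
    -out "$dir/client.csr" -subj "/O=ExampleLab/CN=mqtt-client-001" 2>/dev/null
  openssl x509 -req -days 365 -sha256 -in "$dir/client.csr" -CA "$dir/ca.crt" \
    -CAkey "$dir/ca.key" -CAcreateserial -extfile "$dir/client.ext" \
    -out "$dir/client.crt" 2>/dev/null
}

# The mistake discussed in the thread: a leaf issued with the CA's own subject.
gen_same_name_leaf() {
  dir=$1; ca_dir=$2
  mkdir -p "$dir"
  openssl req -new -newkey rsa:2048 -nodes -keyout "$dir/broker.key" \
    -out "$dir/broker.csr" -subj "/O=ExampleLab/CN=ExampleLab Root CA" 2>/dev/null
  openssl x509 -req -days 365 -sha256 -in "$dir/broker.csr" -CA "$ca_dir/ca.crt" \
    -CAkey "$ca_dir/ca.key" -CAcreateserial -out "$dir/broker.crt" 2>/dev/null
}

# Check 1: leaf $2 chains to CA $1 (the "verify your certificates" step).
verify_chain() { openssl verify -CAfile "$1" "$2" >/dev/null 2>&1; }

# Check 2: the leaf's subject differs from its issuer. If it does not, the leaf
# looks self-issued, which is exactly what an all-same-name PKI produces.
leaf_not_self_issued() {
  subj=$(openssl x509 -noout -subject -in "$1" | sed 's/^subject=//')
  iss=$(openssl x509 -noout -issuer -in "$1" | sed 's/^issuer=//')
  [ "$subj" != "$iss" ]
}

# Check 3: the broker CN is exactly the endpoint string the client is given.
broker_cn_matches() {
  cn=$(openssl x509 -noout -subject -in "$1" | sed -n 's/.*CN *= *\([^,/]*\).*/\1/p')
  [ "$cn" = "$2" ]
}

# Report one check; a failure returns non-zero so "set -e" stops the script.
check() {
  desc=$1; shift
  if "$@"; then echo "ok:   $desc"; else echo "FAIL: $desc"; return 1; fi
}

# Run all checks on a good PKI, then confirm the same-name mistake is caught.
run_checks() {
  work=$(mktemp -d)
  gen_pki "$work/good" "192.168.3.98"
  check "broker chains to CA"        verify_chain "$work/good/ca.crt" "$work/good/broker.crt"
  check "client chains to CA"        verify_chain "$work/good/ca.crt" "$work/good/client.crt"
  check "broker subject != issuer"   leaf_not_self_issued "$work/good/broker.crt"
  check "broker CN matches endpoint" broker_cn_matches "$work/good/broker.crt" "192.168.3.98"
  gen_same_name_leaf "$work/bad" "$work/good"
  if leaf_not_self_issued "$work/bad/broker.crt"; then
    echo "FAIL: same-name leaf was not detected"; return 1
  fi
  echo "ok:   same-name leaf flagged (subject equals issuer)"
  echo "artifacts left in $work"
}

run_checks
```

Run it once before configuring the board; a FAIL line names the certificate to regenerate. Disabling SNI, as in the earlier post, only changes which name the client sends in the handshake and does not make a chain with duplicate subjects verify, so these checks are worth running first.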

Hi Gaurav,

Thank you for your feedback and for your help.

I redid the configuration and the generation of my certificates for the client and the server (please find a screenshot attached, in case you have any remarks; for information, my IP address is 192.168.3.98 and that is what I specified: #define democonfigMQTT_BROKER_ENDPOINT “192.168.3.98”).

When I run the MQTT_Mutual_Auth_Demo_With_BG96 demo, it fails to connect to the broker (Failed to connect to 192.168.3.98 with error -126); I don’t know exactly what the problem is.
prob_connexion_broker_mosquitto.zip (187.2 KB)

Thank you again for your help.

It will not work if you are using Cellular as you are using the private IP address of your laptop. You have two options:

  • Use the WiFi example so that your laptop (which runs the MQTT broker) and the MQTT client are on the same network, so that you can use the private IP address of your laptop.
  • Get a public IP address for your laptop or enable port forwarding in your router to make your laptop available to the internet and use the router’s IP address in MQTT client.

Thanks.

Hi Gaurav,

My goal is to perform a test with the MQTT_Mutual_Auth_Demo_With_BG96 demo.

If I replace democonfigMQTT_BROKER_ENDPOINT with localhost or 127.0.0.1, will it work or not?

Thank you for your help and best regards,

No, it will not, as both of those addresses are private. You need to have a broker which is reachable from the internet. Do you really need a local broker? Can you not use AWS IoT?

Sorry, I’m new to cellular interfaces.

Because the demo mentions that we can use a local broker for the test, I created a local Mosquitto broker:

Option 2: Using a locally hosted Mosquitto MQTT message broker (host machine):

MQTT Demo (with TLS – Mutual Authentication) - FreeRTOS?

Thank you for your help.

The page you linked is for Windows Simulator demo and not for Cellular demos. See this section - MQTT Demo (with TLS – Mutual Authentication) - FreeRTOS