I have successfully managed to get the MQTTClient example project to connect to the test.mosquitto broker using the SECURE_CLIENT configuration.
I have now set up my own broker & can successfully connect to it until I enable SECURE_CLIENT
I have created a set of keys & certificates, I have successfully connected to my secure broker using mqtt explorer, giving it access to ca.crt, client.crt & client.key.
In mqttClientHooks.c I have pasted in the contents of my client.crt & added the \r\n" to each line. Now when i connect i receive "Connection to broker failed, Error code: -2021"
by monitoring the log on my mosquitto broker I can see the message "OpenSSL Error: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca"
I guess my certificate isn't created in the correct way to work with this example, it certainly does work with the MQTT Explorer app. Is there some magic spell i'm missing when i create my keys/certificates?
Here are the commands i used to create my certificates:
openssl genrsa -des3 -out ca.key 2048
openssl req -new -x509 -days 1826 -key ca.key -out ca.crt
openssl genrsa -out server.key 2048
openssl req -new -out server.csr -key server.key
openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt -days 360
openssl genrsa -out client.key 2048
openssl req -new -out client.csr -key client.key
openssl x509 -req -in client.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out client.crt -days 360
The Common name I am using is the Hostname for the MQTT broker
I have hunted high & low for examples to create ca-cert.pem, but i must be looking in the wrong places!
