This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

CC3220SF: How to disable SL_ERROR_BSD_ESECUNKNOWNROOTCA warning in TI-RTOS

Part Number: CC3220SF
Other Parts Discussed in Thread: CC3100

How do I disable the SL_ERROR_BSD_ESECUNKNOWNROOTCA warning using the TI-RTOS MQTT project?

Documentation (SWPU332A Section 2.5.5 Connecting to a Server With a Self-Signed Certificate) suggests the following:

_u32 dummyVal;
sl_SetSockOpt(clt_sock, SL_SOL_SOCKET,
SL_SO_SECURE_DISABLE_CERTIFICATE_STORE,
&dummyVal, sizeof(dummyVal));

I understand the data structure (mqttClientParams) that is used to communicate the secure file names, but I can't find within the MQTT project where the sl function calls are that actually setup the socket options. I'm migrating over to CC3220 from CC3100 so I have a good idea of how the bare-metal code is structured, but I do not have any previous experience with TI-RTOS (or any RTOS) besides what is in Simplelink Academy. 

Thank you.

  • In the MQTTClient_ConnParams::netconnFlags you can set the MQTTCLIENT_NETCONN_SKIP_CERTIFICATE_CATALOG_VERIFICATION.

    (internally the mqtt library will use this flags set socket option).

    Example (update to the mqtt client example):

    #define MQTT_CONNECTION_FLAGS     (MQTTCLIENT_NETCONN_URL | MQTTCLIENT_NETCONN_SKIP_CERTIFICATE_CATALOG_VERIFICATION)

    ...

    MQTTClient_ConnParams mqttConnParams =
    {
      MQTT_CONNECTION_FLAGS, // connection flags
      MQTT_CONNECTION_ADDRESS, // server address
      MQTT_CONNECTION_PORT_NUMBER, // port number of MQTT server
      SLNETSOCK_SEC_METHOD_SSLv3_TLSV1_2, // method for secure socket
      SLNETSOCK_SEC_CIPHER_FULL_LIST, // cipher for secure socket
      1, // number of files for secure connection
      MQTTClient_secureFiles // secure files
    };

    Br,

    Kobi