-
Notifications
You must be signed in to change notification settings - Fork 46
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Works perfectly with ArduinoMqttClient on Arduino Due, same code gives inconsistent SSL errors on Teensy 4.1 #33
Comments
Interesting... when I swapped out the SARA-R410 modem with the SIM7000 (on the same Teensy 4.1), connection to AWS IoT MQTT works fine. So, Teensy 4.x + SARA-R410 + SSLClient is a NOOP? This makes no sense, because the same modem works fine on the other boards I tested. Weird. |
Thanks for the detailed writeup! Yeah there's at least a few platform-dependent bugs rattling around that I've been pretty stumped on (see #9), and so far every bug has been with SSLClient and not BearSSL (the underlying library SSLClient wraps). I think ultimately the logic for a Message -> MQTT -> TLS -> TCP -> 4G pipeline is so complicated that the bugs that occur are easier to work around than they are to find, which is unfortunate. Glad you got it working! |
Hi @MaffooClock Let me explain, I use ESP32-S3 and I want to create an MQTT connection with SSL always active. Code: this->sslClient = new SSLClient(*this->rawClient, TAs, (size_t)TAs_NUM, 17, 2, SSLClient::DebugLevel::SSL_INFO); in Setup(): In loop():
}` Am I doing something wrong? |
I have a program that is an MQTT client for AWS IoT service, which means it uses mTLS and certificate authentication. The same codebase has been tested on:
I had repeated and continual success connecting to AWS IoT MQTT using AWS-issued certificates, as well as a private TLS-only Mosquitto server using self-signed certificates (so yes, I'm familiar with using
SSLClientParameters::fromPEM()
andsslClient.setMutualAuthParams()
, as well as creating acertificates.h
file from root certificates).I've been trying to use the same code on a new Teensy 4.1 (ARM Cortex M7), but I seem to have trouble with SSLClient. The errors I get are different almost every time (each one of these was from a single connection attempt from a fresh boot):
There have been others, but these were the four that I captured when I made the decision to file a bug.
Troubleshooting:
One of the troubleshooting steps was to completely remove SSLClient and test MQTT connections to a test server without encryption, which worked, so it's not the network hardware nor anything else I'm doing in code.
I have scoured the SSLClient source to see if there were any flags that were different between the Due and Teensy platforms that might be throwing things off during compile, but I didn't notice anything interesting.
Context:
Additional context
The same codebase has been used on other devices not listed above, but those were not using this library. I only mention this to further assert that everything else in my MQTT client program works fine.
Network access is provided by cellular modem. The Arduino Due used a SIM7000A, and the Teensy 4.1 is using a u-blox SARA-R410M.
I ran the TinyGSM HttpsClient demo, which successfully downloaded the TinyGSM text logo over HTTPS. Of course, this has nothing to do with SSLClient, I'm only making the point that encrypted communication is possible on this setup.
I haven't included any code snippets in this initial report because I'm not sure it's relevant yet. My main goal here is to see if any other Teensy 4.x users might be having the same experience, or to see if anyone smarter than me might know of things to check or tweak.
The text was updated successfully, but these errors were encountered: