Hi,
I'm hoping to find some guidance here on how I can add TLS/SSL to a MQTT setup on a LAN that I've been working on with a Raspberry pi broker and esp32s running micropython.
I've seen that the Pycom board fork examples has an MQTTS setup with AWS (whose form looks most ideal since the cert itself is not stored as plaintext?)
and I've tried out a tutorial using the Arduino ESP32 implementation that worked well enough (but I clearly favor MicroPython)
( http://www.iotsharing.com/2017/08/how-to-use-esp32-mqtts-with-mqtts-mosquitto-broker-tls-ssl.html )
Microcontrollers are pretty much brand-new to me, but it appears that the framework has already been established for doing this with the
ESP32 and the quite pleasant to use micropython, but I'm a bit stuck on this.
I'd very much appreciate any tutorial, snippet, pointers, etc.!
And a very big thanks to the creator and all the developers in general for all the awesome work that you do in creating and developing MicroPython!
So freakin fun!
-------------
Motivation on the security desire:
Since I'm concerned about protecting both my family's electronic safety, as well as our physical safety, (e.g. b/c appliance or lights attached to switches run by microcontrollers) I'm uncomfortable with the ideas of:
--relying on wifi security alone to protect against local attacks
--having any unsecured device on a permanent network
(For local attacks: the growing sophistication and prevalence of prepackaged malicious tools for any fool to use is getting ridiculous
and for everything else: it's becoming AI-driven and there's ip and mac address spoofing to get around firewall rules)
ESP32 TLS/SSL & MQTT with MicroPython
-
Mike Teachman
- Posts: 155
- Joined: Mon Jun 13, 2016 3:19 pm
- Location: Victoria, BC, Canada
Re: ESP32 TLS/SSL & MQTT with MicroPython
The github repo below has an example for MQTT publishing. There is a comment in the code describing how to use TLS. Tested with the ESP8266.
https://github.com/MikeTeachman/micropy ... tt-esp8266
Note: the code comments indicate that you need to change the port to 8883, but someone looked at the implementation and apparently that is not necessary. You only need to add the option "ssl=True"
https://github.com/MikeTeachman/micropy ... tt-esp8266
Note: the code comments indicate that you need to change the port to 8883, but someone looked at the implementation and apparently that is not necessary. You only need to add the option "ssl=True"
Re: ESP32 TLS/SSL & MQTT with MicroPython
As I newly understood, esp32 port supports the open source mbedtls and not axtls. However, I implemented the latest esp32 bin file https://micropython.org/download#esp32 on the esp32 board. Then I tried to speak secured mqtt connection using the ussl.wrap_socket function https://docs.micropython.org/en/latest/ ... /ussl.html but it speaks only TLS 1.2
I'm a bit confused! If esp32 bin file supports the open source mbedtls then it should speak with the server TLS 1.3 because mbedtls already supports the latest version (TLS 1.3).
Any ideas?
I'm a bit confused! If esp32 bin file supports the open source mbedtls then it should speak with the server TLS 1.3 because mbedtls already supports the latest version (TLS 1.3).
Any ideas?