MQTT SSL problems on Wiznet W5100S-EVB-Pico [SOLVED]

RP2040 based microcontroller boards running MicroPython.
Target audience: MicroPython users with RP2040 boards.
This does not include conventional Linux-based Raspberry Pi boards.
nickehallgren
Posts: 4
Joined: Thu Nov 07, 2019 7:18 am

Post by nickehallgren » Mon Aug 22, 2022 4:38 pm

Hi,

I'm trying the same code (that works on an ESP32) on a Pico clone with Ethernet, but I have no luck using SSL. Without SSL it works (but only with qos=0 in publish; with qos=1 I get an OSError: [Errno 22] EINVAL from the publish function).

Both qos=1 and SSL work on the ESP32, but I would like to know why and what I can do to get it to work. On the Wiznet it just halts on line 72 in umqttsimple.py. It imports ussl but gets stuck after that; no errors are thrown, it just stops there.

Code:

if self.ssl:
    import ussl

    self.sock = ussl.wrap_socket(self.sock, **self.ssl_params)

https://github.com/micropython/micropyt ... /simple.py

I connect like this (I also tried without certificates, ssl={}, but no difference; the certs are correct and working on the ESP32, and the user/pass are not the ones I use ;))

Code:

from umqttsimple import MQTTClient  # the module named in this post

# Key and certificate are read as raw DER bytes
with open("homeautomation.key.der", 'rb') as f:
    key = f.read()
with open("homeautomation.crt.der", 'rb') as f:
    cert = f.read()
ssl_params = dict()
ssl_params["cert"] = cert
ssl_params["key"] = key
# client_id and mqtt_server are defined elsewhere in the script
client = MQTTClient(client_id, mqtt_server, port=8883, user='power', password='1p0w3R6', keepalive=30, ssl=True, ssl_params=ssl_params)
client.connect()
print('Connected to %s MQTT broker' % (mqtt_server))

What am I missing? Or are there other libraries that work on the Pico and support SSL?
Last edited by nickehallgren on Wed Aug 24, 2022 8:17 am, edited 1 time in total.

jcmc
Posts: 1
Joined: Tue Aug 23, 2022 7:12 pm

Re: MQTT SSL problems on Wiznet W5100S-EVB-Pico

Post by jcmc » Tue Aug 23, 2022 7:26 pm

Nothing helpful to add other than that I have a similar problem. I'm trying to connect my Pico W to AWS IoT and I'm struggling.

I've used the same certs and key on my Mac to connect using paho mqtt, so I know they work; they just don't work on the Pico.

I'm not doing anything complicated, just this:

Code:

keyfile = 'aws.private.key'
with open(keyfile, 'r') as f:
    key = f.read()

certfile = 'aws.cert.pem'
with open(certfile, 'r') as f:
    cert = f.read()

client = MQTTClient(client_id, mqtt_server, port=8883, keepalive=3600, ssl=True, ssl_params={'key': key, 'cert': cert})
client.connect()

Whatever I do I get the error

Code:

MBEDTLS_ERR_SSL_CONN_EOF

I've tried adding 'ca_cert' to the ssl_params (where ca_cert is the CA file AWS provided), but that makes no difference.
I found an old blog post somewhere that said to convert the cert and key to DER files; that makes no difference.

I am at a loss :(

nickehallgren
Posts: 4
Joined: Thu Nov 07, 2019 7:18 am

Re: MQTT SSL problems on Wiznet W5100S-EVB-Pico

Post by nickehallgren » Wed Aug 24, 2022 8:16 am

OK, so I managed to fix my problem. It seems that the firmware Wiznet provided did not work when using SSL (don't know why). But I compiled my own version of MicroPython with the W5100 driver and now MQTT with SSL works perfectly.

This is what I did:

Code:

git clone -b master https://github.com/micropython/micropython.git
cd micropython
make -C ports/rp2 submodules
make -C ports/rp2 BOARD=W5100S_EVB_PICO submodules
make -C mpy-cross
cd ports/rp2
make BOARD=W5100S_EVB_PICO submodules
make BOARD=W5100S_EVB_PICO

The compiled firmware that you can flash to your W5100S-EVB-PICO device is found under micropython/ports/rp2/build-W5100S_EVB_PICO/

@jcmc I only got it to work with DER files, and I converted them like this:

Code:

openssl x509 -outform der -in /etc/mosquitto/certs/homeautomation.crt -out homeautomation.crt.der
openssl rsa -inform pem -in /etc/mosquitto/certs/homeautomation.key -outform DER -out homeautomation.key.der
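
Added example, not part of the original posts: a Python helper that normalizes a certificate or key to DER bytes before it goes into ssl_params, so a PEM file read as text is never passed where DER is expected. The function names and sample bytes are constructed for illustration; it assumes a single unencrypted PEM block and that binascii.a2b_base64 is available on the target.

```python
import binascii

# Constructed sample: a tiny DER SEQUENCE { INTEGER 5 } and the same bytes as PEM.
SAMPLE_DER = b"\x30\x03\x02\x01\x05"
SAMPLE_PEM = b"-----BEGIN CERTIFICATE-----\nMAMCAQU=\n-----END CERTIFICATE-----\n"


def der_total_length(data):
    """Return the encoded size of the outer DER SEQUENCE (header + body)."""
    if len(data) < 2 or data[0] != 0x30:
        raise ValueError("not a DER SEQUENCE (first byte must be 0x30)")
    first = data[1]
    if first < 0x80:                      # short form: one length byte
        return 2 + first
    n = first & 0x7F                      # long form: next n bytes hold the length
    if n == 0 or n > 4 or len(data) < 2 + n:
        raise ValueError("unsupported or truncated DER length field")
    length = 0
    for b in data[2:2 + n]:
        length = (length << 8) | b
    return 2 + n + length


def to_der(data):
    """Accept PEM (str or bytes) or DER bytes; return validated DER bytes."""
    if isinstance(data, str):             # file was opened in text mode
        data = data.encode()
    if b"-----BEGIN" in data:
        body = b""
        for line in data.split(b"\n"):
            line = line.strip()
            if line and not line.startswith(b"-----"):
                body += line              # keep only the base64 payload
        data = binascii.a2b_base64(body)
    # A truncated download or a concatenated chain fails this check.
    if der_total_length(data) != len(data):
        raise ValueError("DER length mismatch (truncated or trailing data)")
    return data


if __name__ == "__main__":
    print(to_der(SAMPLE_PEM) == SAMPLE_DER)
```

On the device, the result of to_der(f.read()) for each file would be what is placed in ssl_params["cert"] and ssl_params["key"].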
