ESP32-Mqtt was not connected using Azure SSL Certificate about howsmyssl HOT 2 CLOSED

None of this code is talking to howsmyssl? And it looks like it's probably requiring a specific CA cert that doesn't include Let's Encrypt which howsmyssl uses?

I'm going to close this as I assume it was made in mistake.

from howsmyssl.

Hi, I am using this below code, it shows Failed message.

#include <WiFiClientSecure.h>
#include <PubSubClient.h>

const char *ssid = "xxx"; // your network SSID (name of wifi network)
const char *password = "xxx"; // your network password

const char *server = "xxx.azure-devices.net"; // Server URL

const char* test_root_ca=
"-----BEGIN CERTIFICATE-----\n"
"MIIDxDCCAqwCCQDyrMM0eCtQEDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMC\n"
"SU4xCzAJBgNVBAgMAktBMRIwEAYDVQQHDAlCYW5nYWxvcmUxEzARBgNVBAoMCkJy\n"
"YWluQ2hpbGQxGTAXBgNVBAsMEEF6dXJlU21hcnREZXZpY2UxFzAVBgNVBAMMDlNt\n"
"YXJ0RGV2aWNlQmN0MSowKAYJKoZIhvcNAQkBFht2aWpheS5uQGJyYWluY2hpbGR0\n"
"ZWNoLmNvbSAwHhcNMjAwNDEyMDYxNzM2WhcNMzEwNjMwMDYxNzM2WjCBozELMAkG\n"
"A1UEBhMCSU4xCzAJBgNVBAgMAktBMRIwEAYDVQQHDAlCYW5nYWxvcmUxEzARBgNV\n"
"BAoMCkJyYWluQ2hpbGQxGTAXBgNVBAsMEEF6dXJlU21hcnREZXZpY2UxFzAVBgNV\n"
"BAMMDlNtYXJ0RGV2aWNlQmN0MSowKAYJKoZIhvcNAQkBFht2aWpheS5uQGJyYWlu\n"
"Y2hpbGR0ZWNoLmNvbSAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM\n"
"9BSby0MzYNe4FpezzhUwkthQl6a41zuf6bpp42jUbagGjmLvBf36By6dUd4qQN9n\n"
"DELU/51TLr0v3lWRyli9dz9gaD3l0l8jw7mT5TaaxgWi6A8o288T8Vlf2QKPwH8Y\n"
"4wejrVpWp4hUxX5SA6y5a4XTe1UBHyKDiAAa3SGUu7gzw6zau+6HE45sQhzBZoke\n"
"fApDQvYmexjecIfqGpNTNxhvKENTt/luNBRevsRr5uEp+7D2mwVHWQxz321EvtJX\n"
"8GePNpzpavBzfQaXBIg8N8Ump33NEzPcfCvlVjY/GCTdjDV47RvFCB45hgoU5y1P\n"
"voSEu60ju4fOnKK5z9OlAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAAqrBglSslip\n"
"kmrilWXTRWwfc9goH+BbgHvSLJJI6/LEsLVkHPYE+Id4lvyFih8JMTgn5QVqDdtK\n"
"dqE8MN792VQBmDMMWamRuQLWAjZi3zrRlT24X1S0lQncx418z4gIJL7rugfdkkdc\n"
"v77BXQaog3N7ErEo0ye8AajgcnNixe5oYzI0jrC/7TFpo6r6me5yKz2GLq/RIpSq\n"
"8pT2prkw0pCJWBHqT7pt/f2ZxPp5wKFKqOXdWJSW957hDcVobgYUzfARtBA1pgmv\n"
"JdA4Wz2GMmzdhKGlNKG0wXjesSYSyyijKfNHQzRZ04SM4kDk5Xf9sm1igWvrOIbU\n"
"B6qOPjRQhDA=\n"
"-----END CERTIFICATE-----\n";

// You can use x.509 client certificates if you want
const char* test_client_key =
"-----BEGIN RSA PRIVATE KEY-----\n"
"MIIEpAIBAAKCAQEAvrsh1YjvyGB90UroWLX383OrtrfS5jabzIAl99W0gjQWpN8E\n"
"Ccq8thffWzq6+EoJrjrMshqLrgwuupsKyYAxZ8pEBMu/7/6P2ROk/9huycP9MP/c\n"
"nexpfqlTrlrabDFG4YEbFNGmQ0eFhGjR4G+ymn6WGGzcG6c+Wd7YgseMI7MPz8W0\n"
"EUXSmQMYa0BIrFfwQ4j5cnJL2L6ylenc6rwoVG1Zzlvx+1ZgtOuIMjZDzyfwD2OU\n"
"grB8Spjg8RI8CPoBeF8TMwnNghPfSJZ2Hl7Kq6S8Wxo67qfUVBVtfA8lE/8dvO16\n"
"txBxc7xDnZDJD6bQP+qZl81wLjzu6/e2H6Cd7wIDAQABAoIBAFFbW1RNhBKR7jk/\n"
"XZqxjCGBnqZjBQgEFTMHGqr7snKzq1EKfBt9Kj/2MOUmSSit1DFIjZYPMrO8KJaa\n"
"meBX2TsvkRIGo0nI6S0sbv5fIOrZuf+TtFR8yocnzTUbNf5eiqCYRKf9wZEDShWv\n"
"7I5yttml03p5vO3iyfrlzq8CVWnIM03lDgjgVRvgqPMTL/ZpOCkbSuMGPlwTVXXR\n"
"CTBH2SNg3SRROKMYM4sJWGbbCeB55VkryIosfpSkqeOxJ2Kon5j9PNOt+3M80/pV\n"
"T/t4gRtp9IlFu2AfGbibSiyBs2/Zx0VPJUlPvJX57k88EtuCZz/ZOxc3ryRKrJN1\n"
"wMg70ikCgYEA8l4m82UFivtPkE7fcmNtLUTilwh9v5Fkl9HTcJx0uppa47+wnJHU\n"
"+s1uBh9O1yjaxJS9bBupNsNZc7/93SP6e6m2/mBP8AR3SmmY7bJTw2hnN8caMSVW\n"
"tm57NY6kLNF5BU6bZiBQ6YqFExOBJ4PGp8LOhYDnQ6NuA9zcVZjvxW0CgYEAyXV2\n"
"iIA8hnjAqkxq61B2EhXxUigCqAFDQGJHt98F92it+GeRU5iWBjSWwrvPuiCMSRNl\n"
"bPKB0gzPCjag8FGK9B0hHApCYpgQuZ5x80P0txkWYP1dYB2+zsKCr32WMaw8pDPD\n"
"ZmOoaLIJVcNpVCHPaUIHnvpwfvE6cEE0fCLng0sCgYEA487bjatGqnvNLTb1j+8k\n"
"j4hP8uZoS8e9ZXYz54Unsr2i8K8csg3gwlyVLev/jv03o86qvRLC2laDnei4FUPc\n"
"DKBZAIBGorOP7MGUnNchJGrdme/rDoaqGo99/7kzV20M85APQM7fPqSUsHmEzD9w\n"
"Wf8hXxrqRQk4Pyk5cLtvo4ECgYB7V9Sb3E+yUSo82g64RgoUJqUalO6TaDqBp+qb\n"
"FAw2Hzwsk1Rx50ErSXVogs66+YSKlTqLCqsbLMZyTWIZ4QL/VPpZjZp5fPr4ep7v\n"
"vxKMK+r8tQM/fta9BnA2++BCR17Vde/Tt357o0192eeaIB06J7g8yL6pqg4KfpGg\n"
"00oFowKBgQCwCkR5b2OJqsYVcLmkivSUq+fvn++CZ25bL/fp2tnjyqKn2wmXJQb2\n"
"zyOOvmQLeMibg2N0C5w58uVK29iSB4wvZR6ld22nwiNuMrgCqXSPfala9diShiT4\n"
"jKR5LyiKNwbWUIhlHRoEoflU99R9phQ9RBCLM9DZPl14l0t121BrTA==\n"
"-----END RSA PRIVATE KEY-----\n"; //to verify the client

const char* test_client_cert =
"-----BEGIN CERTIFICATE-----\n"
"MIIDUDCCAjigAwIBAgIEDWcmzDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMC\n"
"SU4xCzAJBgNVBAgMAktBMRIwEAYDVQQHDAlCYW5nYWxvcmUxEzARBgNVBAoMCkJy\n"
"YWluQ2hpbGQxGTAXBgNVBAsMEEF6dXJlU21hcnREZXZpY2UxFzAVBgNVBAMMDlNt\n"
"YXJ0RGV2aWNlQmN0MSowKAYJKoZIhvcNAQkBFht2aWpheS5uQGJyYWluY2hpbGR0\n"
"ZWNoLmNvbSAwHhcNMjEwMzAyMDUyNzE4WhcNMjcwMzAxMDUyNzE4WjAUMRIwEAYD\n"
"VQQDDAllbWRpMTExMTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+\n"
"uyHViO/IYH3RSuhYtffzc6u2t9LmNpvMgCX31bSCNBak3wQJyry2F99bOrr4Sgmu\n"
"OsyyGouuDC66mwrJgDFnykQEy7/v/o/ZE6T/2G7Jw/0w/9yd7Gl+qVOuWtpsMUbh\n"
"gRsU0aZDR4WEaNHgb7KafpYYbNwbpz5Z3tiCx4wjsw/PxbQRRdKZAxhrQEisV/BD\n"
"iPlyckvYvrKV6dzqvChUbVnOW/H7VmC064gyNkPPJ/APY5SCsHxKmODxEjwI+gF4\n"
"XxMzCc2CE99IlnYeXsqrpLxbGjrup9RUFW18DyUT/x287Xq3EHFzvEOdkMkPptA/\n"
"6pmXzXAuPO7r97YfoJ3vAgMBAAGjGjAYMBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMC\n"
"MA0GCSqGSIb3DQEBCwUAA4IBAQCWZihPRY/3PxSqw5r+dFY5sViZfQyx/CLYqyM7\n"
"qz0LNEkkyoTkJ12Tvb8mq4gKA0W8u4iydr6n6vr1Mjnz2W0s0JIjvKAJ3H5/7t0Z\n"
"88bppuO/QHJTi4K04oHGZturGYON6rJ84+ahBs9MGaGjUD6Pkq5Y1f1xAeXbMzkZ\n"
"2/lgWG8xkMXZpdib3i8/CQD2qUbn6t4lTskEECTxtnsjsTZeN6WQDX7qyhwdW5AU\n"
"hFvfglo7ftzrPYWO3cHht6GkIWFNasqfOaLy6KOZ0LR29/c21o+oJoVNvjVMSat/\n"
"jbXGdI9GU2tLprZ22CGBEu6vaw56JwZlB7QPxmkmHOMPH14j\n"
"-----END CERTIFICATE-----\n"; //to verify the client

WiFiClientSecure client;
PubSubClient pubsubclient(client);

void setup() {
//Initialize serial and wait for port to open:
Serial.begin(115200);
delay(100);

Serial.print("Attempting to connect to SSID: ");
Serial.println(ssid);
WiFi.begin(ssid, password);

// attempt to connect to Wifi network:
while (WiFi.status() != WL_CONNECTED) {
Serial.print(".");
// wait 1 second for re-trying
delay(1000);
}

Serial.print("Connected to ");
Serial.println(ssid);

client.setCACert(test_root_ca);
client.setCertificate(test_client_cert); // for client verification
client.setPrivateKey(test_client_key); // for client verification
client.setInsecure();
pubsubclient.setServer(server, 8883);

Serial.println("\nStarting connection to server...");
if (!pubsubclient.connected()) {
String clientId = "emdi11111";
if (pubsubclient.connect(clientId.c_str())) {
Serial.println("\nConnected.");
} else {
Serial.print("\nFailed.");
}
}

}

void loop() {
// do nothing
}

ets Jun 8 2016 00:22:57

rst:0x1 (POWERON_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
configsip: 0, SPIWP:0xee
clk_drv:0x00,q_drv:0x00,d_drv:0x00,cs0_drv:0x00,hd_drv:0x00,wp_drv:0x00
mode:DIO, clock div:1
load:0x3fff0018,len:4
load:0x3fff001c,len:1216
ho 0 tail 12 room 4
load:0x40078000,len:10944
load:0x40080400,len:6388
entry 0x400806b4
[E][esp32-hal-cpu.c:170] setCpuFrequencyMhz(): Can not switch to 240 MH⸮���⸮⸮⸮⸮CPU frequency rated for 160MHz.
[D][esp32-hal-cpu.c:189] setCpuFrequencyMhz(): PLL: 320 / 2 = 160 Mhz, APB: 80000000 Hz
Attempting to connect to SSID: Libre
[D][WiFiGeneric.cpp:374] _eventCallback(): Event: 0 - WIFI_READY
[D][WiFiGeneric.cpp:374] _eventCallback(): Event: 2 - STA_START
.[D][WiFiGeneric.cpp:374] _eventCallback(): Event: 4 - STA_CONNECTED
..[D][WiFiGeneric.cpp:374] _eventCallback(): Event: 7 - STA_GOT_IP
[D][WiFiGeneric.cpp:419] _eventCallback(): STA IP: 192.168.1.61, MASK: 255.255.255.0, GW: 192.168.1.1
Connected to Libre

Starting connection to server...
[V][ssl_client.cpp:59] start_ssl_client(): Free internal heap before TLS 280512
[V][ssl_client.cpp:65] start_ssl_client(): Starting socket
[V][ssl_client.cpp:104] start_ssl_client(): Seeding the random number generator
[V][ssl_client.cpp:113] start_ssl_client(): Setting up the SSL/TLS structure...
[I][ssl_client.cpp:127] start_ssl_client(): WARNING: Skipping SSL Verification. INSECURE!
[V][ssl_client.cpp:197] start_ssl_client(): Setting hostname for TLS session...
[V][ssl_client.cpp:212] start_ssl_client(): Performing the SSL/TLS handshake...
[V][ssl_client.cpp:233] start_ssl_client(): Verifying peer X.509 certificate...
[V][ssl_client.cpp:242] start_ssl_client(): Certificate verified.
[V][ssl_client.cpp:257] start_ssl_client(): Free internal heap after TLS 238484
[V][ssl_client.cpp:295] send_ssl_data(): Writing HTTP request with 23 bytes...
[V][ssl_client.cpp:265] stop_ssl_socket(): Cleaning SSL connection.

Failed.

from howsmyssl.