Hi,
I am able to get my CA certificate working using TLS for MQTT. but im not able to get the TLS Client certificate working.
I had created a client certificate as per the link: https://test.mosquitto.org/ssl/
I had taken a Wifi Station example code and ported the MQTT feature to it.
This is the issue
[00:00:12.554,077] <inf> mqtt: Connecting to MQTT broker [00:00:13.998,046] <err> net_pkt: Data buffer (1035) allocation failed. [00:00:13.998,077] <err> net_tcp: conn: 0x200553a4 packet allocation failed, len=987 [00:00:14.146,118] <err> net_pkt: Data buffer (1110) allocation failed. [00:00:14.146,148] <err> net_tcp: conn: 0x200553a4 packet allocation failed, len=1062 [00:00:14.382,293] <err> net_pkt: Data buffer (1110) allocation failed. [00:00:14.382,293] <err> net_tcp: conn: 0x200553a4 packet allocation failed, len=1062 [00:00:14.382,293] <err> net_tcp: TCP failed to allocate buffer in retransmission [00:00:14.908,538] <err> net_pkt: Data buffer (1110) allocation failed. [00:00:14.908,538] <err> net_tcp: conn: 0x200553a4 packet allocation failed, len=1062 [00:00:14.908,538] <err> net_tcp: TCP failed to allocate buffer in retransmission [00:00:15.647,735] <err> net_pkt: Data buffer (1110) allocation failed. [00:00:15.647,735] <err> net_tcp: conn: 0x200553a4 packet allocation failed, len=1062 [00:00:15.647,735] <err> net_tcp: TCP failed to allocate buffer in retransmission [00:00:16.705,932] <err> net_pkt: Data buffer (1110) allocation failed. [00:00:16.705,932] <err> net_tcp: conn: 0x200553a4 packet allocation failed, len=1062 [00:00:16.705,932] <err> net_tcp: TCP failed to allocate buffer in retransmission [00:00:18.243,164] <err> net_pkt: Data buffer (1328) allocation failed. [00:00:18.243,164] <err> net_tcp: conn: 0x200553a4 packet allocation failed, len=1280 [00:00:18.243,194] <err> net_tcp: TCP failed to allocate buffer in retransmission [00:00:20.498,413] <err> net_pkt: Data buffer (1328) allocation failed. [00:00:20.498,443] <err> net_tcp: conn: 0x200553a4 packet allocation failed, len=1280 [00:00:20.498,443] <err> net_tcp: TCP failed to allocate buffer in retransmission [00:00:23.830,657] <err> net_pkt: Data buffer (1328) allocation failed. [00:00:23.830,657] <err> net_tcp: conn: 0x200553a4 packet allocation failed, len=1280 [00:00:23.830,688] <err> net_tcp: TCP failed to allocate buffer in retransmission [00:00:28.778,900] <err> net_pkt: Data buffer (1328) allocation failed. [00:00:28.778,900] <err> net_tcp: conn: 0x200553a4 packet allocation failed, len=1280 [00:00:28.778,930] <err> net_tcp: TCP failed to allocate buffer in retransmission [00:00:36.151,123] <err> net_pkt: Data buffer (1328) allocation failed. [00:00:36.151,123] <err> net_tcp: conn: 0x200553a4 packet allocation failed, len=1280 [00:00:36.151,153] <err> net_tcp: TCP failed to allocate buffer in retransmission [00:00:36.436,157] <err> mqtt: Error in mqtt_connect: -5
Attaching the code.
I also tried changing the values from 4096 to 8192
CONFIG_MAIN_STACK_SIZE=8192 CONFIG_SYSTEM_WORKQUEUE_STACK_SIZE=8192 CONFIG_NET_TX_STACK_SIZE=8192 CONFIG_NET_RX_STACK_SIZE=8192
I have added the certificates and keys as shown below
static const unsigned char ca_certificate[] = { #include "mosquitto_ca_cert.h" }; static const unsigned char client_certificate[] = { #include "mosquitto_client_cert.h" }; static const unsigned char priv_key[] = { #include "mosquitto_priv_key.h" };
int err; // CA Certificate err = tls_credential_add(MQTT_TLS_SEC_TAG, TLS_CREDENTIAL_CA_CERTIFICATE, ca_certificate, sizeof(ca_certificate)); if (err < 0) { LOG_ERR("Failed to add TLS credentials CA Certificate, err: %d", err); return err; } // Client Certificate err = tls_credential_add(MQTT_TLS_SEC_TAG, TLS_CREDENTIAL_SERVER_CERTIFICATE, client_certificate, sizeof(client_certificate)); if (err < 0) { LOG_ERR("Failed to add TLS credentials Client Certificate, err: %d", err); return err; } // Private Key err = tls_credential_add(MQTT_TLS_SEC_TAG, TLS_CREDENTIAL_PRIVATE_KEY, priv_key, sizeof(priv_key)); if (err < 0) { LOG_ERR("Failed to add TLS credentials Private Key, err: %d", err); return err; }