ESP8266 SSL MQTT mutual authentication development notes (working)

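1. The RTOS SDK is the one being updated, so I use that SDK,

  with esp-mqtt for the MQTT work.

Example path: ESP8266_RTOS_SDK\examples\protocols\mqtt\ssl_mutual_auth

(1). The so-called mutual authentication here really only needs the user's PEM and KEY. The PEM can also be in CRT format; it is the same thing.

Note: you do not need to add the server's CA; it makes no difference to getting connected. Without a CA certificate, however, the client has no trust anchor to check the broker's certificate against, so in this setup only the client is authenticated to the broker.

Note: the official demo often returns error 0x50, which is an error while verifying the hello; connecting a few more times gets through. With other servers inside China this problem should not occur.

(2). For one-way authentication, see ESP8266_RTOS_SDK\examples\protocols\mqtt\ssl.

The address used by the official demo works.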

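The corresponding connection mode is the one shown in the figure below.

2. Note that the RTOS SDK has a pitfall: change the timer heap in FreeRTOS, otherwise the program crashes right at power-on. Changing it this way works for me, so I did not dig further; there may be other ways.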

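3. For the demo, see the README: send the CSR you generated with OpenSSL to the online address, request a CRT back, then write it into the file.

The files here are actually turned into binary data by cmake.txt.

Here we define them directly in the program instead; a const is enough.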

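The program configuration is as follows:

 (1). Set client_id. Some platforms require the id to match the name and password, otherwise login fails.

 (2). name and password: set them as your platform requires.

 (3). task_stack is the stack of the MQTT main task; make it larger if needed.

 (4). keepalive is the heartbeat interval; choose a value that suits you.

With the log level lowered (more verbose), the following messages appear when a heartbeat is sent.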

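Note a pitfall here: host and port do not need to be filled in; only the url does.

The mqtt: or mqtts: prefix corresponds to the authentication method you use; what follows it is the actual address.

You do not need to set the PEM length yourself; the library computes it with strlen.

With the log set to the lowest (most verbose) level you can see a lot of information. Here I printed out the SSL authentication flow,

in ssl_tls.c.

To see more detail, enable the mbedtls debug output.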

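All the STEPs are here.

 About ERRORs: if the error comes from mbedtls, search error.c in the mbedtls library to see what the value corresponds to, then search for where that value is returned.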

Enable task watch dog panic, panic time parameter is 11
D (464) wdt: task watch dog trigger time parameter is 15
I (468) MQTTS_EXAMPLE: [APP] Startup..
I (471) MQTTS_EXAMPLE: [APP] Free memory: 98168 bytes
I (475) MQTTS_EXAMPLE: [APP] IDF version: v3.2-635-gc972ccc-dirty
D (481) event: running task for loop 0x40107224
D (484) event: created task for loop 0x40107224
D (488) event: created event loop 0x40107224
I (491) system_api: Base MAC address is not set, read default base MAC address from EFUSE
D (497) nvs: nvs_open_from_partition backup_mac 0
D (500) nvs: nvs_get_str_or_blob backup_mac_data
D (504) nvs: nvs_close 2
I (506) system_api: Base MAC address is not set, read default base MAC address from EFUSE
D (512) nvs: nvs_open_from_partition backup_mac 0
D (516) nvs: nvs_get_str_or_blob backup_mac_data
D (519) nvs: nvs_close 3
D (521) phy_init: loading PHY init data from application binary
D (525) nvs: nvs_open_from_partition phy 0
D (528) nvs: nvs_get_str_or_blob cal_data
D (531) nvs: nvs_get_str_or_blob dc_table
D (535) nvs: nvs_close 4
phy_version: 1163.0, 665d56c, Jun 24 2020, 10:00:08, RTOS new
I (579) phy_init: phy ver: 1163_0
D (583) nvs: nvs_open_from_partition misc 1
D (586) nvs: nvs_open_from_partition nvs.net80211 1
D (590) nvs: nvs_get opmode 1
D (592) nvs: nvs_get_str_or_blob sta.ssid
D (595) nvs: nvs_get_str_or_blob sta.mac
D (598) nvs: nvs_get sta.authmode 1
D (601) nvs: nvs_get_str_or_blob sta.pswd
D (604) nvs: nvs_get_str_or_blob sta.pmk
D (607) nvs: nvs_get sta.chan 1
D (610) nvs: nvs_get auto.conn 1
D (612) nvs: nvs_get bssid.set 1
D (615) nvs: nvs_get_str_or_blob sta.bssid
D (618) nvs: nvs_get sta.lis_intval 2
D (621) nvs: nvs_get sta.phym 1
D (623) nvs: nvs_get sta.phybw 1
D (626) nvs: nvs_get_str_or_blob sta.apsw
D (629) nvs: nvs_get_str_or_blob sta.apinfo
D (632) nvs: nvs_get sta.scan_method 1
D (635) nvs: nvs_get sta.sort_method 1
D (638) nvs: nvs_get sta.minrssi 1
D (641) nvs: nvs_get sta.minauth 1
D (643) nvs: nvs_get_str_or_blob ap.ssid
D (646) nvs: nvs_get_str_or_blob ap.mac
D (649) nvs: nvs_get_str_or_blob ap.passwd
D (653) nvs: nvs_get_str_or_blob ap.pmk
D (656) nvs: nvs_get ap.chan 1
D (658) nvs: nvs_get ap.authmode 1
D (661) nvs: nvs_get ap.hidden 1
D (663) nvs: nvs_get ap.max.conn 1
D (666) nvs: nvs_get bcn.interval 2
D (669) nvs: nvs_get ap.phym 1
D (671) nvs: nvs_get ap.phybw 1
D (674) nvs: nvs_get ap.sndchan 1
D (676) nvs: nvs_get lorate 1
D (679) nvs: nvs_get sta.pmf_e 1
D (681) nvs: nvs_get sta.pmf_r 1
D (684) nvs: nvs_get ap.pmf_e 1
D (687) nvs: nvs_get ap.pmf_r 1
D (689) nvs: nvs_get_str_or_blob country
D (692) nvs: nvs_get sta.rm_e 1
D (695) nvs: nvs_get sta.btm_e 1
I (699) example_connect: Connecting to xiaomi-homerun...
D (703) system_event: SYSTEM_EVENT_STA_START
D (706) event: running post WIFI_EVENT:2 with handler 0x4026b904 on loop 0x40107224
I (2387) wifi:state: 0 -> 2 (b0)
I (2443) wifi:state: 2 -> 3 (0)
I (2474) wifi:state: 3 -> 5 (10)
I (3275) wifi:connected with xiaomi-homerun, aid = 3, channel 2, HT20, bssid = 78:11:dc:31:58:a6
D (3276) system_event: SYSTEM_EVENT_STA_CONNECTED, ssid:xiaomi-homerun, ssid_len:14, bssid:78:11:dc:31:58:a6, channel:2, authmode:4
D (3285) event: running post WIFI_EVENT:4 with handler 0x4026b960 on loop 0x40107224
D (3291) tcpip_adapter: dhcp client init ip/mask/gw to all-0
D (3295) tcpip_adapter: if0 start ip lost tmr: enter
D (3299) tcpip_adapter: if0 start ip lost tmr: no need start because netif=0x401074b8 interval=120 ip=0
D (3307) tcpip_adapter: dhcp client start successfully
D (3798) tcpip_adapter: dhcpc time(ms): 0

D (3889) tcpip_adapter: if0 dhcpc cb
D (3892) tcpip_adapter: if0 ip changed=1
D (3895) system_event: SYSTEM_EVENT_STA_GOT_IP, ip:192.168.1.70, mask:255.255.255.0, gw:192.168.1.1
D (3902) event: running post IP_EVENT:0 with handler 0x4026b83c on loop 0x40107224
I (3908) tcpip_adapter: sta ip: 192.168.1.70, mask: 255.255.255.0, gw: 192.168.1.1
D (3914) event: running post IP_EVENT:0 with handler 0x4022cadc on loop 0x40107224
I (3920) example_connect: Connected to xiaomi-homerun
I (3925) example_connect: IPv4 address: 192.168.1.70
I (3930) MQTTS_EXAMPLE: [APP] Free memory: 69036 bytes
D (3934) MQTT_CLIENT: MQTT client_id=device-9100884
D (3937) event: created event loop 0x4010774c
D (3942) MQTT_CLIENT: Core selection disabled
I (3946) MQTTS_EXAMPLE: Other event id:7
D (3949) esp-tls: host:183.3.132.83: strlen 12
D (4018) esp-tls: handshake in progress...
ssl->state = 00 

ssl->state = 01 

ssl->state = 02 

ssl->state = 03 

ssl->state = 04 

ssl->state = 05 

ssl->state = 06 

ssl->state = 07 

ssl->state = 08 

ssl->state = 09 



  => write certificate verify 



  <= write certificate verify

ssl->state = 0a 

ssl->state = 0b 

ssl->state = 0c 

D (9062) tcpip_adapter: if0 dhcpc cb
D (9067) tcpip_adapter: if120 ip uncssl->state = 0d 

ssl->state = 0e 

ssl->state = 0f 

hanged
D (9081) MQTT_CLIENT: Transport connected to mqtts://==========
I (9087) MQTT_CLIENT: Sending MQTT CONNECT message, type: 1, id: 0000
D (9099) tcpip_adapter: ip:192.168.1.70,mask:255.255.255.0,gw:192.168.1.1

D (9105) tcpip_adapter: if0 dhcpc cb
D (9108) tcpip_adapter: if120 ip unchanged
D (9111) tcpip_adapter: ip:192.168.1.70,mask:255.255.255.0,gw:192.168.1.1

D (9116) tcpip_adapter: if0 dhcpc cb
D (9119) tcpip_adapter: if120 ip unchanged
D (9126) MQTT_CLIENT: mqtt_message_receive: first byte: 0x20
D (9131) MQTT_CLIENT: mqtt_message_receive: read "remaining length" byte: 0x2
D (9136) MQTT_CLIENT: mqtt_message_receive: total message length: 4 (already read: 2)
D (9142) MQTT_CLIENT: mqtt_message_receive: read_len=2
D (9145) MQTT_CLIENT: mqtt_message_receive: transport_read():4 4
D (9150) MQTT_CLIENT: Connected
I (9152) MQTTS_EXAMPLE: MQTT_EVENT_CONNECTED
D (9156) MQTT_CLIENT: mqtt_enqueue id: 53941, type=8 successful
D (9160) OUTBOX: ENQUEUE msgid=53941, msg_type=8, len=32, size=32
D (9169) MQTT_CLIENT: Sent subscribe topic=/1347/9100884/sys/operate, id: 53941, type=8 successful
I (9176) MQTTS_EXAMPLE: sent subscribe successful, msg_id=53941
D (9182) tcpip_adapter: ip:192.168.1.70,mask:255.255.255.0,gw:192.168.1.1

D (9194) MQTT_CLIENT: mqtt_message_receive: first byte: 0x90
D (9198) MQTT_CLIENT: mqtt_message_receive: read "remaining length" byte: 0x3
D (9205) MQTT_CLIENT: mqtt_message_receive: total message length: 5 (already read: 2)
D (9211) MQTT_CLIENT: mqtt_message_receive: read_len=3
D (9215) MQTT_CLIENT: mqtt_message_receive: transport_read():5 5
D (9219) MQTT_CLIENT: msg_type=9, msg_id=53941
D (9222) MQTT_CLIENT: pending_id=53941, pending_msg_count = 1
D (9226) OUTBOX: DELETED msgid=53941, msg_type=8, remain size=0
D (9231) MQTT_CLIENT: Subscribe successful
I (9235) MQTTS_EXAMPLE: MQTT_EVENT_SUBSCRIBED, msg_id=53941
D (9239) MQTT_CLIENT: mqtt_enqueue id: 26436, type=3 successful
D (9244) OUTBOX: ENQUEUE msgid=26436, msg_type=3, len=40, size=40
I (9254) MQTTS_EXAMPLE: sent publish successful, msg_id=26436
D (9260) tcpip_adapter: if0 dhcpc cb
D (9263) tcpip_adapter: if120 ip unchanged
D (9266) tcpip_adapter: ip:192.168.1.70,mask:255.255.255.0,gw:192.168.1.1

D (9271) tcpip_adapter: if0 dhcpc cb
D (9279) MQTT_CLIENT: mqtt_message_receive: first byte: 0x40
D (9283) MQTT_CLIENT: mqtt_message_receive: read "remaining length" byte: 0x2
D (9290) MQTT_CLIENT: mqtt_message_receive: total message length: 4 (already read: 2)
D (9296) MQTT_CLIENT: mqtt_message_receive: read_len=2
D (9300) MQTT_CLIENT: mqtt_message_receive: transport_read():4 4
D (9304) MQTT_CLIENT: msg_type=4, msg_id=26436
D (9308) MQTT_CLIENT: pending_id=26436, pending_msg_count = 1
D (9312) OUTBOX: DELETED msgid=26436, msg_type=3, remain size=0
D (9317) MQTT_CLIENT: received MQTT_MSG_TYPE_PUBACK, finish QoS1 publish
I (9322) MQTTS_EXAMPLE: MQTT_EVENT_PUBLISHED, msg_id=26436
D (9328) tcpip_adapter: if120 ip unchanged
D (9331) tcpip_adapter: ip:192.168.1.70,mask:255.255.255.0,gw:192.168.1.1

D (9336) tcpip_adapter: if0 dhcpc cb
D (9339) tcpip_adapter: if120 ip unchanged
D (9342) tcpip_adapter: ip:192.168.1.70,mask:255.255.255.0,gw:192.168.1.1

D (9347) tcpip_adapter: if0 dhcpc cb
D (9350) tcpip_adapter: if120 ip unchanged
D (9353) tcpip_adapter: ip:192.168.1.70,mask:255.255.255.0,gw:192.168.1.1

D (9358) tcpip_adapter: if0 dhcpc cb
D (9361) tcpip_adapter: if120 ip unchanged
D (9363) tcpip_adapter: ip:192.168.1.70,mask:255.255.255.0,gw:192.168.1.1

D (9369) tcpip_adapter: if0 dhcpc cb
D (9371) tcpip_adapter: if120 ip unchanged
D (9374) tcpip_adapter: ip:192.168.1.70,mask:255.255.255.0,gw:192.168.1.1

D (9380) tcpip_adapter: if0 dhcpc cb
D (9382) tcpip_adapter: if120 ip unchanged
D (9386) tcpip_adapter: ip:192.168.1.70,mask:255.255.255.0,gw:192.168.1.1

D (9393) tcpip_adapter: if0 dhcpc cb
D (9395) tcpip_adapter: if120 ip unchanged
D (9399) tcpip_adapter: ip:192.168.1.70,mask:255.255.255.0,gw:192.168.1.1

D (9799) tcpip_adapter: if0 dhcpc cb
D (9803) tcpip_adapter: if120 ip unchanged
D (9806) tcpip_adapter: ip:192.168.1.70,mask:255.255.255.0,gw:192.168.1.1

V (10320) MQTT_CLIENT: mqtt_message_receive: transport_read(): no data or EOF
V (11320) MQTT_CLIENT: mqtt_message_receive: transport_read(): no data or EOF
V (12320) MQTT_CLIENT: mqtt_message_receive: transport_read(): no data or EOF
V (13320) MQTT_CLIENT: mqtt_message_receive: transport_read(): no data or EOF
V (14321) MQTT_CLIENT: mqtt_message_receive: transport_read(): no data or EOF
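
The ssl->state values in the log above are handshake step numbers, and the "<= write certificate verify" line is what shows that the client actually proved possession of its key. The following host-side scanner is an added example, not code from the original post or the SDK: it reads a captured serial log, reports the last handshake step reached and whether the client's CertificateVerify was sent. The names hs_summary, scan_handshake and state_name are hypothetical, and the state table assumes the mbedtls 2.x enum order.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumption: mbedtls 2.x handshake states in enum order (mbedtls_ssl_states). */
static const char *const STATE_NAME[] = {
    "HELLO_REQUEST", "CLIENT_HELLO", "SERVER_HELLO", "SERVER_CERTIFICATE",
    "SERVER_KEY_EXCHANGE", "CERTIFICATE_REQUEST", "SERVER_HELLO_DONE",
    "CLIENT_CERTIFICATE", "CLIENT_KEY_EXCHANGE", "CERTIFICATE_VERIFY",
    "CLIENT_CHANGE_CIPHER_SPEC", "CLIENT_FINISHED", "SERVER_CHANGE_CIPHER_SPEC",
    "SERVER_FINISHED", "FLUSH_BUFFERS", "HANDSHAKE_WRAPUP", "HANDSHAKE_OVER",
};
#define N_STATES ((int)(sizeof STATE_NAME / sizeof STATE_NAME[0]))

struct hs_summary {          /* hypothetical helper type */
    int last_state;          /* highest state printed, -1 if none */
    int cert_verify_sent;    /* 1 if the client sent CertificateVerify */
};

/* Scan a serial log; markers may be spliced into other tasks' lines. */
struct hs_summary scan_handshake(const char *log) {
    static const char marker[] = "ssl->state = ";
    struct hs_summary s = { -1, 0 };
    for (const char *p = log; (p = strstr(p, marker)) != NULL; ) {
        char *end;
        p += sizeof marker - 1;
        long v = strtol(p, &end, 16);          /* states are printed in hex */
        if (end != p && v >= 0 && v < N_STATES && v > s.last_state)
            s.last_state = (int)v;
    }
    /* mbedtls prints "<= skip write certificate verify" when nothing is sent. */
    s.cert_verify_sent = strstr(log, "<= write certificate verify") != NULL;
    return s;
}

const char *state_name(int st) {
    return (st >= 0 && st < N_STATES) ? STATE_NAME[st] : "UNKNOWN";
}

/* Excerpt of the log on this page, including one spliced line. */
static const char LOG_OK[] =
    "ssl->state = 09 \n  => write certificate verify \n  <= write certificate verify\n"
    "D (9067) tcpip_adapter: if120 ip uncssl->state = 0d \n"
    "ssl->state = 0f \n";

int main(void) {
    struct hs_summary s = scan_handshake(LOG_OK);
    printf("last state %s, CertificateVerify sent: %d\n", state_name(s.last_state), s.cert_verify_sent);
    return 0;
}
```

A log that ends before state 0f, or that shows the "skip" form of the certificate verify line, means the handshake did not complete or the client certificate was never used.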

 

posted @ 2020-09-22 16:55  XZHDJH