From c6934d61754682d34a630f8232b3f497df8c8fec Mon Sep 17 00:00:00 2001 From: Marius Vikhammer Date: Fri, 27 Sep 2019 09:35:26 +0800 Subject: [PATCH] MQTT: update default broker URL for examples The MQTT broker URL used as default in the examples has ceased operation. All examples and documention have been updated to point to the new domain mqtt.eclipse.org. This also required an update of the python example test scripts to use TLS 1.2 --- .../mqtt/weekend_test/mqtt_publish_test.py | 3 +- docs/en/api-reference/protocols/mqtt.rst | 28 +++++++++---------- .../mqtt/publish_test/CMakeLists.txt | 2 +- .../mqtt/publish_test/main/Kconfig.projbuild | 8 +++--- .../mqtt/publish_test/main/component.mk | 2 +- ...t_eclipse_org.pem => mqtt_eclipse_org.pem} | 0 .../mqtt/publish_test/main/publish_test.c | 8 +++--- examples/protocols/mqtt/ssl/CMakeLists.txt | 2 +- examples/protocols/mqtt/ssl/README.md | 8 +++--- .../protocols/mqtt/ssl/main/Kconfig.projbuild | 2 +- examples/protocols/mqtt/ssl/main/app_main.c | 8 +++--- examples/protocols/mqtt/ssl/main/component.mk | 2 +- ...t_eclipse_org.pem => mqtt_eclipse_org.pem} | 0 .../mqtt/ssl/mqtt_ssl_example_test.py | 2 +- .../protocols/mqtt/tcp/main/Kconfig.projbuild | 2 +- examples/protocols/mqtt/ws/README.md | 2 +- .../protocols/mqtt/ws/main/Kconfig.projbuild | 2 +- .../protocols/mqtt/ws/mqtt_ws_example_test.py | 1 - examples/protocols/mqtt/wss/CMakeLists.txt | 2 +- examples/protocols/mqtt/wss/README.md | 10 +++---- .../protocols/mqtt/wss/main/Kconfig.projbuild | 2 +- examples/protocols/mqtt/wss/main/app_main.c | 8 +++--- examples/protocols/mqtt/wss/main/component.mk | 2 +- ...t_eclipse_org.pem => mqtt_eclipse_org.pem} | 0 .../mqtt/wss/mqtt_wss_example_test.py | 2 +- .../pppos_client/main/pppos_client_main.c | 2 +- 26 files changed, 54 insertions(+), 56 deletions(-) rename examples/protocols/mqtt/publish_test/main/{iot_eclipse_org.pem => mqtt_eclipse_org.pem} (100%) rename examples/protocols/mqtt/ssl/main/{iot_eclipse_org.pem => mqtt_eclipse_org.pem} (100%) rename examples/protocols/mqtt/wss/main/{iot_eclipse_org.pem => mqtt_eclipse_org.pem} (100%) diff --git a/components/mqtt/weekend_test/mqtt_publish_test.py b/components/mqtt/weekend_test/mqtt_publish_test.py index 9263f3ada..7b738a81a 100644 --- a/components/mqtt/weekend_test/mqtt_publish_test.py +++ b/components/mqtt/weekend_test/mqtt_publish_test.py @@ -80,13 +80,12 @@ def test_single_config(dut, transport, qos, repeat, published): try: if transport in ["ws", "wss"]: client = mqtt.Client(transport="websockets") - client.ws_set_options(path="/ws", headers=None) else: client = mqtt.Client() client.on_connect = on_connect client.on_message = on_message if transport in ["ssl", "wss"]: - client.tls_set(None, None, None, cert_reqs=ssl.CERT_NONE, tls_version=ssl.PROTOCOL_TLSv1, ciphers=None) + client.tls_set(None, None, None, cert_reqs=ssl.CERT_NONE, tls_version=ssl.PROTOCOL_TLSv1_2, ciphers=None) client.tls_insecure_set(True) print("Connecting...") client.connect(broker_host[transport], broker_port[transport], 60) diff --git a/docs/en/api-reference/protocols/mqtt.rst b/docs/en/api-reference/protocols/mqtt.rst index cb956755a..80d6270b9 100644 --- a/docs/en/api-reference/protocols/mqtt.rst +++ b/docs/en/api-reference/protocols/mqtt.rst @@ -32,30 +32,30 @@ URI - Curently support ``mqtt``, ``mqtts``, ``ws``, ``wss`` schemes - MQTT over TCP samples: - - ``mqtt://iot.eclipse.org``: MQTT over TCP, default port 1883: - - ``mqtt://iot.eclipse.org:1884`` MQTT over TCP, port 1884: - - ``mqtt://username:password@iot.eclipse.org:1884`` MQTT over TCP, + - ``mqtt://mqtt.eclipse.org``: MQTT over TCP, default port 1883: + - ``mqtt://mqtt.eclipse.org:1884`` MQTT over TCP, port 1884: + - ``mqtt://username:password@mqtt.eclipse.org:1884`` MQTT over TCP, port 1884, with username and password - MQTT over SSL samples: - - ``mqtts://iot.eclipse.org``: MQTT over SSL, port 8883 - - ``mqtts://iot.eclipse.org:8884``: MQTT over SSL, port 8884 + - ``mqtts://mqtt.eclipse.org``: MQTT over SSL, port 8883 + - ``mqtts://mqtt.eclipse.org:8884``: MQTT over SSL, port 8884 - MQTT over Websocket samples: - - ``ws://iot.eclipse.org:80/ws`` + - ``ws://mqtt.eclipse.org:80/mqtt`` - MQTT over Websocket Secure samples: - - ``wss://iot.eclipse.org:443/ws`` + - ``wss://mqtt.eclipse.org:443/mqtt`` - Minimal configurations: .. code:: c const esp_mqtt_client_config_t mqtt_cfg = { - .uri = "mqtt://iot.eclipse.org", + .uri = "mqtt://mqtt.eclipse.org", // .user_context = (void *)your_context }; esp_mqtt_client_handle_t client = esp_mqtt_client_init(&mqtt_cfg); @@ -71,25 +71,25 @@ URI .. code:: c const esp_mqtt_client_config_t mqtt_cfg = { - .uri = "mqtt://iot.eclipse.org:1234", + .uri = "mqtt://mqtt.eclipse.org:1234", .port = 4567, }; - //MQTT client will connect to iot.eclipse.org using port 4567 + //MQTT client will connect to mqtt.eclipse.org using port 4567 SSL ^^^ -- Get certificate from server, example: ``iot.eclipse.org`` - ``openssl s_client -showcerts -connect iot.eclipse.org:8883 /dev/null|openssl x509 -outform PEM >iot_eclipse_org.pem`` +- Get certificate from server, example: ``mqtt.eclipse.org`` + ``openssl s_client -showcerts -connect mqtt.eclipse.org:8883 /dev/null|openssl x509 -outform PEM >mqtt_eclipse_org.pem`` - Check the sample application: ``examples/mqtt_ssl`` - Configuration: .. code:: cpp const esp_mqtt_client_config_t mqtt_cfg = { - .uri = "mqtts://iot.eclipse.org:8883", + .uri = "mqtts://mqtt.eclipse.org:8883", .event_handle = mqtt_event_handler, - .cert_pem = (const char *)iot_eclipse_org_pem_start, + .cert_pem = (const char *)mqtt_eclipse_org_pem_start, }; For more options on ``esp_mqtt_client_config_t``, please refer to API reference below diff --git a/examples/protocols/mqtt/publish_test/CMakeLists.txt b/examples/protocols/mqtt/publish_test/CMakeLists.txt index 2203d063f..4a46af3e5 100644 --- a/examples/protocols/mqtt/publish_test/CMakeLists.txt +++ b/examples/protocols/mqtt/publish_test/CMakeLists.txt @@ -10,4 +10,4 @@ include($ENV{IDF_PATH}/tools/cmake/project.cmake) project(mqtt_publish) -target_add_binary_data(mqtt_publish.elf "main/iot_eclipse_org.pem" TEXT) +target_add_binary_data(mqtt_publish.elf "main/mqtt_eclipse_org.pem" TEXT) diff --git a/examples/protocols/mqtt/publish_test/main/Kconfig.projbuild b/examples/protocols/mqtt/publish_test/main/Kconfig.projbuild index 8360e573d..bf4197482 100644 --- a/examples/protocols/mqtt/publish_test/main/Kconfig.projbuild +++ b/examples/protocols/mqtt/publish_test/main/Kconfig.projbuild @@ -2,25 +2,25 @@ menu "Example Configuration" config EXAMPLE_BROKER_SSL_URI string "Broker SSL URL" - default "mqtts://iot.eclipse.org:8883" + default "mqtts://mqtt.eclipse.org:8883" help URL of an mqtt broker for ssl transport config EXAMPLE_BROKER_TCP_URI string "Broker TCP URL" - default "mqtt://iot.eclipse.org:1883" + default "mqtt://mqtt.eclipse.org:1883" help URL of an mqtt broker for tcp transport config EXAMPLE_BROKER_WS_URI string "Broker WS URL" - default "ws://iot.eclipse.org:80/ws" + default "ws://mqtt.eclipse.org:80/mqtt" help URL of an mqtt broker for ws transport config EXAMPLE_BROKER_WSS_URI string "Broker WSS URL" - default "wss://iot.eclipse.org:443/ws" + default "wss://mqtt.eclipse.org:443/mqtt" help URL of an mqtt broker for wss transport diff --git a/examples/protocols/mqtt/publish_test/main/component.mk b/examples/protocols/mqtt/publish_test/main/component.mk index 797c4a1f6..597752fb9 100644 --- a/examples/protocols/mqtt/publish_test/main/component.mk +++ b/examples/protocols/mqtt/publish_test/main/component.mk @@ -1 +1 @@ -COMPONENT_EMBED_TXTFILES := iot_eclipse_org.pem +COMPONENT_EMBED_TXTFILES := mqtt_eclipse_org.pem diff --git a/examples/protocols/mqtt/publish_test/main/iot_eclipse_org.pem b/examples/protocols/mqtt/publish_test/main/mqtt_eclipse_org.pem similarity index 100% rename from examples/protocols/mqtt/publish_test/main/iot_eclipse_org.pem rename to examples/protocols/mqtt/publish_test/main/mqtt_eclipse_org.pem diff --git a/examples/protocols/mqtt/publish_test/main/publish_test.c b/examples/protocols/mqtt/publish_test/main/publish_test.c index 9183bbb8b..918f9a191 100644 --- a/examples/protocols/mqtt/publish_test/main/publish_test.c +++ b/examples/protocols/mqtt/publish_test/main/publish_test.c @@ -46,11 +46,11 @@ static int qos_test = 0; #if CONFIG_EXAMPLE_BROKER_CERTIFICATE_OVERRIDDEN == 1 -static const uint8_t iot_eclipse_org_pem_start[] = "-----BEGIN CERTIFICATE-----\n" CONFIG_EXAMPLE_BROKER_CERTIFICATE_OVERRIDE "\n-----END CERTIFICATE-----"; +static const uint8_t mqtt_eclipse_org_pem_start[] = "-----BEGIN CERTIFICATE-----\n" CONFIG_EXAMPLE_BROKER_CERTIFICATE_OVERRIDE "\n-----END CERTIFICATE-----"; #else -extern const uint8_t iot_eclipse_org_pem_start[] asm("_binary_iot_eclipse_org_pem_start"); +extern const uint8_t mqtt_eclipse_org_pem_start[] asm("_binary_mqtt_eclipse_org_pem_start"); #endif -extern const uint8_t iot_eclipse_org_pem_end[] asm("_binary_iot_eclipse_org_pem_end"); +extern const uint8_t mqtt_eclipse_org_pem_end[] asm("_binary_mqtt_eclipse_org_pem_end"); static esp_err_t mqtt_event_handler(esp_mqtt_event_handle_t event) { @@ -127,7 +127,7 @@ static void mqtt_app_start(void) mqtt_event_group = xEventGroupCreate(); const esp_mqtt_client_config_t mqtt_cfg = { .event_handle = mqtt_event_handler, - .cert_pem = (const char *)iot_eclipse_org_pem_start, + .cert_pem = (const char *)mqtt_eclipse_org_pem_start, }; ESP_LOGI(TAG, "[APP] Free memory: %d bytes", esp_get_free_heap_size()); diff --git a/examples/protocols/mqtt/ssl/CMakeLists.txt b/examples/protocols/mqtt/ssl/CMakeLists.txt index a7b2c4420..2b78a842b 100644 --- a/examples/protocols/mqtt/ssl/CMakeLists.txt +++ b/examples/protocols/mqtt/ssl/CMakeLists.txt @@ -9,4 +9,4 @@ set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_exam include($ENV{IDF_PATH}/tools/cmake/project.cmake) project(mqtt_ssl) -target_add_binary_data(mqtt_ssl.elf "main/iot_eclipse_org.pem" TEXT) +target_add_binary_data(mqtt_ssl.elf "main/mqtt_eclipse_org.pem" TEXT) diff --git a/examples/protocols/mqtt/ssl/README.md b/examples/protocols/mqtt/ssl/README.md index e2693729d..aa96a6841 100644 --- a/examples/protocols/mqtt/ssl/README.md +++ b/examples/protocols/mqtt/ssl/README.md @@ -2,7 +2,7 @@ (See the README.md file in the upper level 'examples' directory for more information about examples.) -This example connects to the broker iot.eclipse.org using ssl transport and as a demonstration subscribes/unsubscribes and send a message on certain topic. +This example connects to the broker mqtt.eclipse.org using ssl transport and as a demonstration subscribes/unsubscribes and send a message on certain topic. (Please note that the public broker is maintained by the community so may not be always available, for details please see this [disclaimer](https://iot.eclipse.org/getting-started/#sandboxes)) It uses ESP-MQTT library which implements mqtt client to connect to mqtt broker. @@ -19,13 +19,13 @@ This example can be executed on any ESP32 board, the only required interface is * Configure Wi-Fi or Ethernet under "Example Connection Configuration" menu. See "Establishing Wi-Fi or Ethernet Connection" section in [examples/protocols/README.md](../../README.md) for more details. * When using Make build system, set `Default serial port` under `Serial flasher config`. -PEM certificate for this example could be extracted from an openssl `s_client` command connecting to iot.eclipse.org. +PEM certificate for this example could be extracted from an openssl `s_client` command connecting to mqtt.eclipse.org. In case a host operating system has `openssl` and `sed` packages installed, one could execute the following command to download and save the root certificate to a file (Note for Windows users: Both Linux like environment or Windows native packages may be used). ``` -echo "" | openssl s_client -showcerts -connect iot.eclipse.org:8883 | sed -n "1,/Root/d; /BEGIN/,/END/p" | openssl x509 -outform PEM >iot_eclipse_org.pem +echo "" | openssl s_client -showcerts -connect mqtt.eclipse.org:8883 | sed -n "1,/Root/d; /BEGIN/,/END/p" | openssl x509 -outform PEM >mqtt_eclipse_org.pem ``` Please note that this is not a general command for downloading a root certificate for an arbitrary host; -this command works with iot.eclipse.org as the site provides root certificate in the chain, which then could be extracted +this command works with mqtt.eclipse.org as the site provides root certificate in the chain, which then could be extracted with text operation. ### Build and Flash diff --git a/examples/protocols/mqtt/ssl/main/Kconfig.projbuild b/examples/protocols/mqtt/ssl/main/Kconfig.projbuild index e31873366..3c44294b0 100644 --- a/examples/protocols/mqtt/ssl/main/Kconfig.projbuild +++ b/examples/protocols/mqtt/ssl/main/Kconfig.projbuild @@ -2,7 +2,7 @@ menu "Example Configuration" config BROKER_URI string "Broker URL" - default "mqtts://iot.eclipse.org:8883" + default "mqtts://mqtt.eclipse.org:8883" help URL of an mqtt broker which this example connects to. diff --git a/examples/protocols/mqtt/ssl/main/app_main.c b/examples/protocols/mqtt/ssl/main/app_main.c index fd0a49d7b..cf0df5836 100644 --- a/examples/protocols/mqtt/ssl/main/app_main.c +++ b/examples/protocols/mqtt/ssl/main/app_main.c @@ -35,11 +35,11 @@ static const char *TAG = "MQTTS_EXAMPLE"; #if CONFIG_BROKER_CERTIFICATE_OVERRIDDEN == 1 -static const uint8_t iot_eclipse_org_pem_start[] = "-----BEGIN CERTIFICATE-----\n" CONFIG_BROKER_CERTIFICATE_OVERRIDE "\n-----END CERTIFICATE-----"; +static const uint8_t mqtt_eclipse_org_pem_start[] = "-----BEGIN CERTIFICATE-----\n" CONFIG_BROKER_CERTIFICATE_OVERRIDE "\n-----END CERTIFICATE-----"; #else -extern const uint8_t iot_eclipse_org_pem_start[] asm("_binary_iot_eclipse_org_pem_start"); +extern const uint8_t mqtt_eclipse_org_pem_start[] asm("_binary_mqtt_eclipse_org_pem_start"); #endif -extern const uint8_t iot_eclipse_org_pem_end[] asm("_binary_iot_eclipse_org_pem_end"); +extern const uint8_t mqtt_eclipse_org_pem_end[] asm("_binary_mqtt_eclipse_org_pem_end"); static esp_err_t mqtt_event_handler_cb(esp_mqtt_event_handle_t event) { @@ -101,7 +101,7 @@ static void mqtt_app_start(void) { const esp_mqtt_client_config_t mqtt_cfg = { .uri = CONFIG_BROKER_URI, - .cert_pem = (const char *)iot_eclipse_org_pem_start, + .cert_pem = (const char *)mqtt_eclipse_org_pem_start, }; ESP_LOGI(TAG, "[APP] Free memory: %d bytes", esp_get_free_heap_size()); diff --git a/examples/protocols/mqtt/ssl/main/component.mk b/examples/protocols/mqtt/ssl/main/component.mk index 797c4a1f6..597752fb9 100644 --- a/examples/protocols/mqtt/ssl/main/component.mk +++ b/examples/protocols/mqtt/ssl/main/component.mk @@ -1 +1 @@ -COMPONENT_EMBED_TXTFILES := iot_eclipse_org.pem +COMPONENT_EMBED_TXTFILES := mqtt_eclipse_org.pem diff --git a/examples/protocols/mqtt/ssl/main/iot_eclipse_org.pem b/examples/protocols/mqtt/ssl/main/mqtt_eclipse_org.pem similarity index 100% rename from examples/protocols/mqtt/ssl/main/iot_eclipse_org.pem rename to examples/protocols/mqtt/ssl/main/mqtt_eclipse_org.pem diff --git a/examples/protocols/mqtt/ssl/mqtt_ssl_example_test.py b/examples/protocols/mqtt/ssl/mqtt_ssl_example_test.py index 7e6648253..ef9d1a9d6 100644 --- a/examples/protocols/mqtt/ssl/mqtt_ssl_example_test.py +++ b/examples/protocols/mqtt/ssl/mqtt_ssl_example_test.py @@ -87,7 +87,7 @@ def test_examples_protocol_mqtt_ssl(env, extra_data): client.on_message = on_message client.tls_set(None, None, - None, cert_reqs=ssl.CERT_NONE, tls_version=ssl.PROTOCOL_TLSv1, ciphers=None) + None, cert_reqs=ssl.CERT_NONE, tls_version=ssl.PROTOCOL_TLSv1_2, ciphers=None) client.tls_insecure_set(True) print("Connecting...") client.connect(broker_url, broker_port, 60) diff --git a/examples/protocols/mqtt/tcp/main/Kconfig.projbuild b/examples/protocols/mqtt/tcp/main/Kconfig.projbuild index fbd48103b..fc6e8a184 100644 --- a/examples/protocols/mqtt/tcp/main/Kconfig.projbuild +++ b/examples/protocols/mqtt/tcp/main/Kconfig.projbuild @@ -2,7 +2,7 @@ menu "Example Configuration" config BROKER_URL string "Broker URL" - default "mqtt://iot.eclipse.org" + default "mqtt://mqtt.eclipse.org" help URL of the broker to connect to diff --git a/examples/protocols/mqtt/ws/README.md b/examples/protocols/mqtt/ws/README.md index c0526b073..3b2a05a97 100644 --- a/examples/protocols/mqtt/ws/README.md +++ b/examples/protocols/mqtt/ws/README.md @@ -2,7 +2,7 @@ (See the README.md file in the upper level 'examples' directory for more information about examples.) -This example connects to the broker iot.eclipse.org over web sockets as a demonstration subscribes/unsubscribes and send a message on certain topic. +This example connects to the broker mqtt.eclipse.org over web sockets as a demonstration subscribes/unsubscribes and send a message on certain topic. (Please note that the public broker is maintained by the community so may not be always available, for details please see this [disclaimer](https://iot.eclipse.org/getting-started/#sandboxes)) It uses ESP-MQTT library which implements mqtt client to connect to mqtt broker. diff --git a/examples/protocols/mqtt/ws/main/Kconfig.projbuild b/examples/protocols/mqtt/ws/main/Kconfig.projbuild index 46f3ad565..c298f5d7c 100644 --- a/examples/protocols/mqtt/ws/main/Kconfig.projbuild +++ b/examples/protocols/mqtt/ws/main/Kconfig.projbuild @@ -2,7 +2,7 @@ menu "Example Configuration" config BROKER_URI string "Broker URL" - default "ws://iot.eclipse.org:80/ws" + default "ws://mqtt.eclipse.org:80/mqtt" help URL of an mqtt broker which this example connects to. diff --git a/examples/protocols/mqtt/ws/mqtt_ws_example_test.py b/examples/protocols/mqtt/ws/mqtt_ws_example_test.py index 0578876e2..58b8d5e37 100644 --- a/examples/protocols/mqtt/ws/mqtt_ws_example_test.py +++ b/examples/protocols/mqtt/ws/mqtt_ws_example_test.py @@ -82,7 +82,6 @@ def test_examples_protocol_mqtt_ws(env, extra_data): client = mqtt.Client(transport="websockets") client.on_connect = on_connect client.on_message = on_message - client.ws_set_options(path="/ws", headers=None) print("Connecting...") client.connect(broker_url, broker_port, 60) except Exception: diff --git a/examples/protocols/mqtt/wss/CMakeLists.txt b/examples/protocols/mqtt/wss/CMakeLists.txt index 3e2d5fc23..2350bd829 100644 --- a/examples/protocols/mqtt/wss/CMakeLists.txt +++ b/examples/protocols/mqtt/wss/CMakeLists.txt @@ -9,4 +9,4 @@ set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_exam include($ENV{IDF_PATH}/tools/cmake/project.cmake) project(mqtt_websocket_secure) -target_add_binary_data(mqtt_websocket_secure.elf "main/iot_eclipse_org.pem" TEXT) +target_add_binary_data(mqtt_websocket_secure.elf "main/mqtt_eclipse_org.pem" TEXT) diff --git a/examples/protocols/mqtt/wss/README.md b/examples/protocols/mqtt/wss/README.md index 9851d5433..c07477fe1 100644 --- a/examples/protocols/mqtt/wss/README.md +++ b/examples/protocols/mqtt/wss/README.md @@ -1,7 +1,7 @@ # ESP-MQTT MQTT over WSS Sample application (See the README.md file in the upper level 'examples' directory for more information about examples.) -This example connects to the broker iot.eclipse.org over secure websockets and as a demonstration subscribes/unsubscribes and send a message on certain topic. +This example connects to the broker mqtt.eclipse.org over secure websockets and as a demonstration subscribes/unsubscribes and send a message on certain topic. (Please note that the public broker is maintained by the community so may not be always available, for details please see this [disclaimer](https://iot.eclipse.org/getting-started/#sandboxes)) It uses ESP-MQTT library which implements mqtt client to connect to mqtt broker. @@ -18,15 +18,15 @@ This example can be executed on any ESP32 board, the only required interface is * Configure Wi-Fi or Ethernet under "Example Connection Configuration" menu. See "Establishing Wi-Fi or Ethernet Connection" section in [examples/protocols/README.md](../../README.md) for more details. * When using Make build system, set `Default serial port` under `Serial flasher config`. -Note how to create a PEM certificate for iot.eclipse.org: +Note how to create a PEM certificate for mqtt.eclipse.org: -PEM certificate for this example could be extracted from an openssl `s_client` command connecting to iot.eclipse.org. +PEM certificate for this example could be extracted from an openssl `s_client` command connecting to mqtt.eclipse.org. In case a host operating system has `openssl` and `sed` packages installed, one could execute the following command to download and save the root certificate to a file (Note for Windows users: Both Linux like environment or Windows native packages may be used). ``` -echo "" | openssl s_client -showcerts -connect iot.eclipse.org:443 | sed -n "1,/Root/d; /BEGIN/,/END/p" | openssl x509 -outform PEM >iot_eclipse_org.pem +echo "" | openssl s_client -showcerts -connect mqtt.eclipse.org:443 | sed -n "1,/Root/d; /BEGIN/,/END/p" | openssl x509 -outform PEM >mqtt_eclipse_org.pem ``` Please note that this is not a general command for downloading a root certificate for an arbitrary host; -this command works with iot.eclipse.org as the site provides root certificate in the chain, which then could be extracted +this command works with mqtt.eclipse.org as the site provides root certificate in the chain, which then could be extracted with text operation. ### Build and Flash diff --git a/examples/protocols/mqtt/wss/main/Kconfig.projbuild b/examples/protocols/mqtt/wss/main/Kconfig.projbuild index d3f7bf51c..5e43c8949 100644 --- a/examples/protocols/mqtt/wss/main/Kconfig.projbuild +++ b/examples/protocols/mqtt/wss/main/Kconfig.projbuild @@ -2,7 +2,7 @@ menu "Example Configuration" config BROKER_URI string "Broker URL" - default "wss://iot.eclipse.org:443/ws" + default "wss://mqtt.eclipse.org:443/mqtt" help URL of an mqtt broker which this example connects to. diff --git a/examples/protocols/mqtt/wss/main/app_main.c b/examples/protocols/mqtt/wss/main/app_main.c index a9de24455..529e96060 100644 --- a/examples/protocols/mqtt/wss/main/app_main.c +++ b/examples/protocols/mqtt/wss/main/app_main.c @@ -33,11 +33,11 @@ static const char *TAG = "MQTTWSS_EXAMPLE"; #if CONFIG_BROKER_CERTIFICATE_OVERRIDDEN == 1 -static const uint8_t iot_eclipse_org_pem_start[] = "-----BEGIN CERTIFICATE-----\n" CONFIG_BROKER_CERTIFICATE_OVERRIDE "\n-----END CERTIFICATE-----"; +static const uint8_t mqtt_eclipse_org_pem_start[] = "-----BEGIN CERTIFICATE-----\n" CONFIG_BROKER_CERTIFICATE_OVERRIDE "\n-----END CERTIFICATE-----"; #else -extern const uint8_t iot_eclipse_org_pem_start[] asm("_binary_iot_eclipse_org_pem_start"); +extern const uint8_t mqtt_eclipse_org_pem_start[] asm("_binary_mqtt_eclipse_org_pem_start"); #endif -extern const uint8_t iot_eclipse_org_pem_end[] asm("_binary_iot_eclipse_org_pem_end"); +extern const uint8_t mqtt_eclipse_org_pem_end[] asm("_binary_mqtt_eclipse_org_pem_end"); static esp_err_t mqtt_event_handler_cb(esp_mqtt_event_handle_t event) { @@ -95,7 +95,7 @@ static void mqtt_app_start(void) { const esp_mqtt_client_config_t mqtt_cfg = { .uri = CONFIG_BROKER_URI, - .cert_pem = (const char *)iot_eclipse_org_pem_start, + .cert_pem = (const char *)mqtt_eclipse_org_pem_start, }; ESP_LOGI(TAG, "[APP] Free memory: %d bytes", esp_get_free_heap_size()); diff --git a/examples/protocols/mqtt/wss/main/component.mk b/examples/protocols/mqtt/wss/main/component.mk index 797c4a1f6..597752fb9 100644 --- a/examples/protocols/mqtt/wss/main/component.mk +++ b/examples/protocols/mqtt/wss/main/component.mk @@ -1 +1 @@ -COMPONENT_EMBED_TXTFILES := iot_eclipse_org.pem +COMPONENT_EMBED_TXTFILES := mqtt_eclipse_org.pem diff --git a/examples/protocols/mqtt/wss/main/iot_eclipse_org.pem b/examples/protocols/mqtt/wss/main/mqtt_eclipse_org.pem similarity index 100% rename from examples/protocols/mqtt/wss/main/iot_eclipse_org.pem rename to examples/protocols/mqtt/wss/main/mqtt_eclipse_org.pem diff --git a/examples/protocols/mqtt/wss/mqtt_wss_example_test.py b/examples/protocols/mqtt/wss/mqtt_wss_example_test.py index 58ce56036..15ca2834a 100644 --- a/examples/protocols/mqtt/wss/mqtt_wss_example_test.py +++ b/examples/protocols/mqtt/wss/mqtt_wss_example_test.py @@ -85,7 +85,7 @@ def test_examples_protocol_mqtt_wss(env, extra_data): client.on_message = on_message client.tls_set(None, None, - None, cert_reqs=ssl.CERT_NONE, tls_version=ssl.PROTOCOL_TLSv1, ciphers=None) + None, cert_reqs=ssl.CERT_NONE, tls_version=ssl.PROTOCOL_TLSv1_2, ciphers=None) print("Connecting...") client.connect(broker_url, broker_port, 60) except Exception: diff --git a/examples/protocols/pppos_client/main/pppos_client_main.c b/examples/protocols/pppos_client/main/pppos_client_main.c index 4f376ea68..c3a18a6cb 100644 --- a/examples/protocols/pppos_client/main/pppos_client_main.c +++ b/examples/protocols/pppos_client/main/pppos_client_main.c @@ -16,7 +16,7 @@ #include "sim800.h" #include "bg96.h" -#define BROKER_URL "mqtt://iot.eclipse.org" +#define BROKER_URL "mqtt://mqtt.eclipse.org" static const char *TAG = "pppos_example"; static EventGroupHandle_t event_group = NULL;