Explorer
December 17, 2024
Question

LwIP MQTT TLS Connection Issue with Azure IoT Hub (Port 8883)



Hello,

I am working with the LwIP MQTT client (stm32f407) and trying to connect securely to Azure IoT Hub using port 8883. I have enabled secure TLS connections by defining LWIP_ALTCP and LWIP_ALTCP_TLS. However, I am facing a connection reset issue:

mqtt_parse_incoming: Remaining length after fixed header: 3
mqtt_parse_incoming: msg_idx: 5, cpy_len: 3, remaining 0
mqtt_tcp_err_cb: TCP error callback: error -15, arg: 0x20004d2c
MQTT: mqtt_connection_cb: Disconnected, reason: 256

code snippet:

 

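#include <stdio.h>
#include <string.h>
#include "lwip/apps/mqtt.h"
#include "lwip/altcp_tls.h"
#include "lwip/ip_addr.h"
#include "cmsis_os.h"

#define MQTT_HOST_IP "13.xx.74.xxx"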
#define MQTT_HOST_PORT 8883
#define MQTT_USERNAME "xxxxxetestnewhub.azxxxxxxxx/config_test_99/?api-version=2021-04-12" // If required
#define MQTT_PASSWORD "SharedAccessSignature sr=xxxxtestnewhub.azure-devices.net%2Fdevices%2Fconfig_test_99&sig=SawDwVxxxxxxxxxxxxGUHDtuqxaiE%3D&se=1734452908" // If required
const char azure_root_ca[] = "-----BEGIN CERTIFICATE-----\r\n"
		"MIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBh\r\n"
		,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
 ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
		"8rGOmaFvE7FBcf6IKshPECBV1/MUReXgRPTqh5Uykw7+U0b6LJ3/iyK5S9kJRaTe\r\n"
		"pLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTfl\r\n"
		"MrY=\r\n"
		"-----END CERTIFICATE-----\r\n";
void ConnectionManager(void) {
    err_t err;
    uint8_t retryCount = 0;
    const uint8_t maxRetries = 5;

    mqttclient = mqtt_client_new();
    if (mqttclient == NULL) {
        printf("Error: Could not create MQTT client\r\n");
        return;
    }
    //generateRandomCharacters(clientId, 16);
    strncpy(clientId, "config_test_99", sizeof(clientId) - 1);
    clientId[sizeof(clientId) - 1] = '\0'; // Ensure null termination
    printf("MQTT Client ID: %s\r\n", clientId);
    //mbedtls_debug_set_threshold(4); // mbedtls debug purpose

    // For a PEM certificate the length must include the terminating '\0',
    // which sizeof() on the array does.
    struct altcp_tls_config *tls_config;
    const size_t mbedtls_root_certificate_len = sizeof(azure_root_ca);
    tls_config = altcp_tls_create_config_client((const u8_t*)azure_root_ca, mbedtls_root_certificate_len);
    if (tls_config == NULL) {
        printf("Failed to create TLS configuration.\r\n");
        mqtt_client_free(mqttclient); // Do not leak the client on this error path
        mqttclient = NULL;
        return;
    }
    printf("TLS configuration created successfully.\r\n");

    memset(&mqttclientInfo, 0, sizeof(mqttclientInfo));
    mqttclientInfo.keep_alive = 60;
    mqttclientInfo.client_id = clientId;
    mqttclientInfo.client_user = MQTT_USERNAME;
    mqttclientInfo.client_pass = MQTT_PASSWORD;
    mqttclientInfo.tls_config = tls_config;

    // Do not free tls_config here: the client uses it for every connection attempt.
    broker_ipaddr.addr = ipaddr_addr(MQTT_HOST_IP);
    printf("MQTT: connecting to %s\r\n", ipaddr_ntoa(((const ip_addr_t *)&broker_ipaddr)));

    while (retryCount < maxRetries) {
        if (!mqttConnected) {
            printf("MQTT: Attempting to connect to broker...\r\n");
            err = mqtt_client_connect(mqttclient, &broker_ipaddr, MQTT_HOST_PORT, mqtt_connection_cb, NULL, &mqttclientInfo);

            if (err != ERR_OK) {
                printf("MQTT: Connection initiation failed (err: %d). Retrying...\r\n", err);
                retryCount++;
                osDelay(5000); // Wait before retrying
            } else {
                printf("MQTT: Connection initiated. Waiting for callback...\r\n");
                // Wait for the callback to confirm the connection
                uint32_t waitTime = 0;
                while (waitTime < 60000 && !mqttConnected) { // 60 seconds timeout
                    osDelay(100); // Check every 100ms
                    waitTime += 100;
                }
                if (mqttConnected) {
                    printf("MQTT: Successfully connected to broker.\r\n");
                    // Set the incoming message callbacks
                    mqtt_set_inpub_callback(mqttclient, mqtt_incoming_publish_cb, mqtt_incoming_data_cb, NULL);
                    // Subscribe to a topic
                    mqtt_subscribe_to_topic(mqttclient);
                    // Publish a test message
                    mqtt_publish_message(mqttclient);
                    break;
                } else {
                    printf("MQTT: Connection attempt timed out. Retrying...\r\n");
                    // Abort the pending attempt so the next mqtt_client_connect()
                    // does not fail with ERR_ISCONN
                    mqtt_disconnect(mqttclient);
                    retryCount++;
                }
            }
        }

        osDelay(1000); // Small delay between retries
    }

    if (!mqttConnected) {
        printf("MQTT: Failed to connect after %d attempts.\r\n", retryCount);
        // Clean up only on failure; a connected client must stay allocated
        mqtt_client_free(mqttclient);
        mqttclient = NULL;
        altcp_tls_free_config(tls_config);
    }
}

 



Queries for Connecting LWIP MQTT to Azure IoT Hub:

  • Can I successfully connect to Azure IoT Hub using LwIP's MQTT implementation?
  • Azure IoT Hub requires MQTT 3.1.1 and TLS 1.2. Does LwIP's MQTT stack with LWIP_ALTCP_TLS fully support these requirements?
  • When connecting to Azure IoT Hub over the secure port 8883, I frequently encounter a TCP reset (ERR_RST). Could this be due to:
    • Incorrect root CA (DigiCert Global Root G2)?
    • TLS handshake failure?
    • LwIP configuration issues?

    Below are the detailed logs:





 

 

    This topic has been closed for replies.
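A pre-connect sanity check for the credentials defined in the snippet above, as an added example that is not part of the original post or of lwIP. It assumes the layout visible in the post's defines (username `<hub host>/<device id>/?api-version=...`, password `SharedAccessSignature sr=...&sig=...&se=<expiry in Unix seconds>`) and that the MQTT client id must equal the device id; the function names, result codes, hub name and signature value are hypothetical or constructed.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical result codes for the pre-connect check. */
enum sas_check { SAS_OK, SAS_MALFORMED, SAS_EXPIRED, SAS_DEVICE_MISMATCH };

/* Constructed sample values: placeholder hub name and signature; the device id
 * and se= value are the ones shown in the post. */
const char SAMPLE_USER[] =
    "examplehub.azure-devices.net/config_test_99/?api-version=2021-04-12";
const char SAMPLE_SAS[] =
    "SharedAccessSignature sr=examplehub.azure-devices.net%2Fdevices%2F"
    "config_test_99&sig=CONSTRUCTED%3D&se=1734452908";

/* Value of the se= field (expiry, Unix seconds); 0 if missing or not numeric. */
unsigned long sas_expiry(const char *sas)
{
    const char *p = sas;
    while ((p = strstr(p, "se=")) != NULL) {
        /* Only accept se= at a field start: after the scheme's space or '&'. */
        if (p != sas && (p[-1] == ' ' || p[-1] == '&')) {
            char *end;
            unsigned long v = strtoul(p + 3, &end, 10);
            return (end != p + 3 && (*end == '\0' || *end == '&')) ? v : 0;
        }
        p += 3;
    }
    return 0;
}

/* Username, SAS token and client id must name the same device, and the token
 * must not have expired at `now` (Unix seconds, e.g. obtained via SNTP). */
enum sas_check sas_precheck(const char *user, const char *sas,
                            const char *client_id, unsigned long now)
{
    static const char scheme[] = "SharedAccessSignature ";
    static const char res[] = "%2Fdevices%2F"; /* URL-encoded "/devices/" */
    size_t n = strlen(client_id);
    unsigned long se = sas_expiry(sas);
    const char *slash = strchr(user, '/');
    const char *dev = strstr(sas, res);

    if (n == 0 || strncmp(sas, scheme, sizeof scheme - 1) != 0 ||
        !strstr(sas, "sr=") || !strstr(sas, "sig=") || se == 0 || !dev || !slash)
        return SAS_MALFORMED;
    dev += sizeof res - 1;
    /* Device id sits between the first two '/' of the username and ends sr=. */
    if (strncmp(slash + 1, client_id, n) != 0 || slash[1 + n] != '/' ||
        strncmp(dev, client_id, n) != 0 || (dev[n] != '&' && dev[n] != '\0'))
        return SAS_DEVICE_MISMATCH;
    return now >= se ? SAS_EXPIRED : SAS_OK;
}
```

Calling `sas_precheck()` before `mqtt_client_connect()` and logging the result separates credential problems from TLS or lwIP configuration problems when the broker drops the connection.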

    3 replies

    Explorer
    December 18, 2024

    Hello,
    Any update today?

    Explorer
    December 20, 2024

    Hello,
    Any updates today?

    Explorer
    December 23, 2024

    Hello,
    Any updates?