nodeMCU TLS证书错误 [英] nodeMCU TLS certificate error

问题描述

我正在构建真正简单的IoT项目，并且遇到了nodeMCU TLS问题.我在Raspberry pi上安装了MQTT代理，所有证书均已正确插入(与同一树莓上的Paho Client或远程PC上的Mqtt.fx客户端都可以正常使用)，但是当我尝试将ESP8266与nodeMCU连接时，我正在获取SSL握手错误(是的，我为所有提到的客户端使用相同的证书文件).我的ESP8266代码如下所示:

I am building realy simple IoT project, and I am stuck on nodeMCU TLS problem. I have MQTT broker on my Raspberry pi, all certificates are correctly inserted (everything working fine with Paho Client on same raspberry or with Mqtt.fx client on remote PC), but when I try to connect from my ESP8266 with nodeMCU I am getting SSL handshake error (yes, I am using same cert file for all mentioned clients). My ESP8266 code looks like this:

    tls.cert.verify([[
    -----BEGIN CERTIFICATE-----
    -----END CERTIFICATE-----
    ]])

    m:connect(config.HOST, 8883, 1, function(con) 
        print("Connected to MQTT broker")    
        register_myself()
        -- And then pings each 1000 milliseconds
        tmr.stop(6)
        tmr.alarm(6, 1000, 1, send_ping)
    end, handle_mqtt_error)

我从m:connect收到错误代码 -5(mqtt.CONN_FAIL_SERVER_NOT_FOUND)，但是当我使用Wireshark分析数据包时，TLS握手看起来像这样:

I am getting error code -5 (mqtt.CONN_FAIL_SERVER_NOT_FOUND) from m:connect, but when I analyze packets using Wireshark it TLS handshake looks like this:

• 客户您好
• 服务器您好
• 证书，服务器Hello完成
• TLSv1.2记录层:警报(级别:致命，描述:未知CA)

• Client Hello
• Server Hello
• Certificate, Server Hello Done
• TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Unknown CA)

在ESPlorer控制台中也有这行: E:M 544 ，我真的不知道那是什么意思.

Also in ESPlorer console there is this line: E:M 544, I dont realy know what that means.

推荐答案

如果有人遇到同样的事情，我的问题实际上是由项目其他部分的高内存使用引起的，我在应用程序层上使用AES加密，而没有它一切正常.

In case someone encountres same thing, my problem was actualy caused by high memory usage in other parts of my project, I used AES for encryption on application layer, without it everything works great.

这篇关于nodeMCU TLS证书错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！