Adding TLS functionality to QT MQTT Simpleclient example
-
wrote on 3 Sept 2020, 18:11 last edited by
Greetings,
I've been trying to add TLS support to qT MQTT/examples/mqtt/simpleclient
This is with QT 5.15.0
To start with, fiddled around with a QT console application to test TLS
connectivity to the mosquitto server. This worked out as expected and can publish and subscribe.That said, back to the simple client;
It appeared to me all that it required was
client->connectToHostEncrypted(config);
So, I added in the following:
MainWindow::MainWindow(QWidget *parent) : QMainWindow(parent) , ui(new Ui::MainWindow) { ui->setupUi(this); QByteArray ba_crt; QFile ca_crtf("C:/Program Files/mosquitto/certs_v4/ca.crt"); if (!ca_crtf.open(QIODevice::ReadOnly)) { qDebug() << "ERROR: Opening file: ca.crt"; } else { ba_crt = ca_crtf.readAll(); ca_crtf.close(); qDebug() << "Read CA certificate"; } QSslCertificate ca_crt(ba_crt, QSsl::Pem); QSslConfiguration config; // Since QT 5.14, SSL transport config client = new QMqttClient(this); client->setHostname(ui->lineEditHost->text()); client->setPort(ui->spinBoxPort->value()); config.defaultConfiguration(); config.setProtocol(QSsl::TlsV1_2); // needs to be handled explicitly with config.addCaCertificate(ca_crt); // client.connectToHostEncrypted(config); config.setPeerVerifyMode(QSslSocket::VerifyNone); // Dont check hostname from certificate client->connectToHostEncrypted(config); connect(client, &QMqttClient::stateChanged, this, &MainWindow::updateLogStateChange); connect(client, &QMqttClient::disconnected, this, &MainWindow::brokerDisconnected); connect(client, &QMqttClient::messageReceived, this, [this](const QByteArray &message, const QMqttTopicName &topic) { ..
The rest is the same as in simpleclient
But that resulted in the mosquitto client shouting out to me that
certificate not received in a cryptic message.PS C:\Program Files\mosquitto> .\mosquitto.exe -c .\mosquitto.conf -v 1599155516: mosquitto version 1.6.10 starting 1599155516: Config loaded from .\mosquitto.conf. 1599155516: Opening ipv6 listen socket on port 8883. 1599155516: Opening ipv4 listen socket on port 8883. 1599155578: New connection from 192.168.1.34 on port 8883. 1599155578: OpenSSL Error[0]: error:1408F10B:SSL routines:ssl3_get_record:wrong version number 1599155578: Socket error on client <unknown>, disconnecting. 1599156145: mosquitto version 1.6.10 terminating PS C:\Program Files\mosquitto>
Maybe I am missing something here ?
Can someone please help me understand why the certificate is not sent in this situation ?Thanks,
Manu
-
Greetings,
I've been trying to add TLS support to qT MQTT/examples/mqtt/simpleclient
This is with QT 5.15.0
To start with, fiddled around with a QT console application to test TLS
connectivity to the mosquitto server. This worked out as expected and can publish and subscribe.That said, back to the simple client;
It appeared to me all that it required was
client->connectToHostEncrypted(config);
So, I added in the following:
MainWindow::MainWindow(QWidget *parent) : QMainWindow(parent) , ui(new Ui::MainWindow) { ui->setupUi(this); QByteArray ba_crt; QFile ca_crtf("C:/Program Files/mosquitto/certs_v4/ca.crt"); if (!ca_crtf.open(QIODevice::ReadOnly)) { qDebug() << "ERROR: Opening file: ca.crt"; } else { ba_crt = ca_crtf.readAll(); ca_crtf.close(); qDebug() << "Read CA certificate"; } QSslCertificate ca_crt(ba_crt, QSsl::Pem); QSslConfiguration config; // Since QT 5.14, SSL transport config client = new QMqttClient(this); client->setHostname(ui->lineEditHost->text()); client->setPort(ui->spinBoxPort->value()); config.defaultConfiguration(); config.setProtocol(QSsl::TlsV1_2); // needs to be handled explicitly with config.addCaCertificate(ca_crt); // client.connectToHostEncrypted(config); config.setPeerVerifyMode(QSslSocket::VerifyNone); // Dont check hostname from certificate client->connectToHostEncrypted(config); connect(client, &QMqttClient::stateChanged, this, &MainWindow::updateLogStateChange); connect(client, &QMqttClient::disconnected, this, &MainWindow::brokerDisconnected); connect(client, &QMqttClient::messageReceived, this, [this](const QByteArray &message, const QMqttTopicName &topic) { ..
The rest is the same as in simpleclient
But that resulted in the mosquitto client shouting out to me that
certificate not received in a cryptic message.PS C:\Program Files\mosquitto> .\mosquitto.exe -c .\mosquitto.conf -v 1599155516: mosquitto version 1.6.10 starting 1599155516: Config loaded from .\mosquitto.conf. 1599155516: Opening ipv6 listen socket on port 8883. 1599155516: Opening ipv4 listen socket on port 8883. 1599155578: New connection from 192.168.1.34 on port 8883. 1599155578: OpenSSL Error[0]: error:1408F10B:SSL routines:ssl3_get_record:wrong version number 1599155578: Socket error on client <unknown>, disconnecting. 1599156145: mosquitto version 1.6.10 terminating PS C:\Program Files\mosquitto>
Maybe I am missing something here ?
Can someone please help me understand why the certificate is not sent in this situation ?Thanks,
Manu
wrote on 3 Sept 2020, 20:08 last edited byReplying to my own post. Please ignore the post. The issue was fixed by moving the config to the button press event. Things do work as expected.
Sorry about the noise.
Thanks
-
1/2