Adding TLS functionality to QT MQTT Simpleclient example
-
Greetings,
I've been trying to add TLS support to qT MQTT/examples/mqtt/simpleclient
This is with QT 5.15.0
To start with, fiddled around with a QT console application to test TLS
connectivity to the mosquitto server. This worked out as expected and can publish and subscribe.That said, back to the simple client;
It appeared to me all that it required was
client->connectToHostEncrypted(config);
So, I added in the following:
MainWindow::MainWindow(QWidget *parent) : QMainWindow(parent) , ui(new Ui::MainWindow) { ui->setupUi(this); QByteArray ba_crt; QFile ca_crtf("C:/Program Files/mosquitto/certs_v4/ca.crt"); if (!ca_crtf.open(QIODevice::ReadOnly)) { qDebug() << "ERROR: Opening file: ca.crt"; } else { ba_crt = ca_crtf.readAll(); ca_crtf.close(); qDebug() << "Read CA certificate"; } QSslCertificate ca_crt(ba_crt, QSsl::Pem); QSslConfiguration config; // Since QT 5.14, SSL transport config client = new QMqttClient(this); client->setHostname(ui->lineEditHost->text()); client->setPort(ui->spinBoxPort->value()); config.defaultConfiguration(); config.setProtocol(QSsl::TlsV1_2); // needs to be handled explicitly with config.addCaCertificate(ca_crt); // client.connectToHostEncrypted(config); config.setPeerVerifyMode(QSslSocket::VerifyNone); // Dont check hostname from certificate client->connectToHostEncrypted(config); connect(client, &QMqttClient::stateChanged, this, &MainWindow::updateLogStateChange); connect(client, &QMqttClient::disconnected, this, &MainWindow::brokerDisconnected); connect(client, &QMqttClient::messageReceived, this, [this](const QByteArray &message, const QMqttTopicName &topic) { ..The rest is the same as in simpleclientBut that resulted in the mosquitto client shouting out to me that
certificate not received in a cryptic message.PS C:\Program Files\mosquitto> .\mosquitto.exe -c .\mosquitto.conf -v 1599155516: mosquitto version 1.6.10 starting 1599155516: Config loaded from .\mosquitto.conf. 1599155516: Opening ipv6 listen socket on port 8883. 1599155516: Opening ipv4 listen socket on port 8883. 1599155578: New connection from 192.168.1.34 on port 8883. 1599155578: OpenSSL Error[0]: error:1408F10B:SSL routines:ssl3_get_record:wrong version number 1599155578: Socket error on client <unknown>, disconnecting. 1599156145: mosquitto version 1.6.10 terminating PS C:\Program Files\mosquitto>Maybe I am missing something here ?
Can someone please help me understand why the certificate is not sent in this situation ?Thanks,
Manu
-
Greetings,
I've been trying to add TLS support to qT MQTT/examples/mqtt/simpleclient
This is with QT 5.15.0
To start with, fiddled around with a QT console application to test TLS
connectivity to the mosquitto server. This worked out as expected and can publish and subscribe.That said, back to the simple client;
It appeared to me all that it required was
client->connectToHostEncrypted(config);
So, I added in the following:
MainWindow::MainWindow(QWidget *parent) : QMainWindow(parent) , ui(new Ui::MainWindow) { ui->setupUi(this); QByteArray ba_crt; QFile ca_crtf("C:/Program Files/mosquitto/certs_v4/ca.crt"); if (!ca_crtf.open(QIODevice::ReadOnly)) { qDebug() << "ERROR: Opening file: ca.crt"; } else { ba_crt = ca_crtf.readAll(); ca_crtf.close(); qDebug() << "Read CA certificate"; } QSslCertificate ca_crt(ba_crt, QSsl::Pem); QSslConfiguration config; // Since QT 5.14, SSL transport config client = new QMqttClient(this); client->setHostname(ui->lineEditHost->text()); client->setPort(ui->spinBoxPort->value()); config.defaultConfiguration(); config.setProtocol(QSsl::TlsV1_2); // needs to be handled explicitly with config.addCaCertificate(ca_crt); // client.connectToHostEncrypted(config); config.setPeerVerifyMode(QSslSocket::VerifyNone); // Dont check hostname from certificate client->connectToHostEncrypted(config); connect(client, &QMqttClient::stateChanged, this, &MainWindow::updateLogStateChange); connect(client, &QMqttClient::disconnected, this, &MainWindow::brokerDisconnected); connect(client, &QMqttClient::messageReceived, this, [this](const QByteArray &message, const QMqttTopicName &topic) { ..The rest is the same as in simpleclientBut that resulted in the mosquitto client shouting out to me that
certificate not received in a cryptic message.PS C:\Program Files\mosquitto> .\mosquitto.exe -c .\mosquitto.conf -v 1599155516: mosquitto version 1.6.10 starting 1599155516: Config loaded from .\mosquitto.conf. 1599155516: Opening ipv6 listen socket on port 8883. 1599155516: Opening ipv4 listen socket on port 8883. 1599155578: New connection from 192.168.1.34 on port 8883. 1599155578: OpenSSL Error[0]: error:1408F10B:SSL routines:ssl3_get_record:wrong version number 1599155578: Socket error on client <unknown>, disconnecting. 1599156145: mosquitto version 1.6.10 terminating PS C:\Program Files\mosquitto>Maybe I am missing something here ?
Can someone please help me understand why the certificate is not sent in this situation ?Thanks,
Manu
-
L lukutis222 referenced this topic on