Important: Please read the Qt Code of Conduct - https://forum.qt.io/topic/113070/qt-code-of-conduct

Adding TLS functionality to QT MQTT Simpleclient example



  • Greetings,

    I've been trying to add TLS support to qT MQTT/examples/mqtt/simpleclient

    This is with QT 5.15.0

    To start with, fiddled around with a QT console application to test TLS
    connectivity to the mosquitto server. This worked out as expected and can publish and subscribe.

    That said, back to the simple client;

    It appeared to me all that it required was

    client->connectToHostEncrypted(config);

    So, I added in the following:

    MainWindow::MainWindow(QWidget *parent)
    	: QMainWindow(parent)
    	, ui(new Ui::MainWindow)
    {
    	ui->setupUi(this);
    
    	QByteArray ba_crt;
    
    	QFile ca_crtf("C:/Program Files/mosquitto/certs_v4/ca.crt");
    	if (!ca_crtf.open(QIODevice::ReadOnly)) {
    		qDebug() << "ERROR: Opening file: ca.crt";
    	} else {
    		ba_crt = ca_crtf.readAll();
    		ca_crtf.close();
    		qDebug() << "Read CA certificate";
    	}
    
    	QSslCertificate ca_crt(ba_crt, QSsl::Pem);
    	QSslConfiguration config;				// Since QT 5.14, SSL transport config
    
    	client = new QMqttClient(this);
    	client->setHostname(ui->lineEditHost->text());
    	client->setPort(ui->spinBoxPort->value());
    
    	config.defaultConfiguration();
    	config.setProtocol(QSsl::TlsV1_2);			// needs to be handled explicitly with
    	config.addCaCertificate(ca_crt);			// client.connectToHostEncrypted(config);
    	config.setPeerVerifyMode(QSslSocket::VerifyNone);	// Dont check hostname from certificate
    	client->connectToHostEncrypted(config);
    
    	connect(client, &QMqttClient::stateChanged, this, &MainWindow::updateLogStateChange);
    	connect(client, &QMqttClient::disconnected, this, &MainWindow::brokerDisconnected);
    	connect(client, &QMqttClient::messageReceived, this, [this](const QByteArray &message, const QMqttTopicName &topic) {
    
        ..
    
    The rest is the same as in simpleclient
    

    But that resulted in the mosquitto client shouting out to me that
    certificate not received in a cryptic message.

    PS C:\Program Files\mosquitto> .\mosquitto.exe -c .\mosquitto.conf -v
    1599155516: mosquitto version 1.6.10 starting
    1599155516: Config loaded from .\mosquitto.conf.
    1599155516: Opening ipv6 listen socket on port 8883.
    1599155516: Opening ipv4 listen socket on port 8883.
    1599155578: New connection from 192.168.1.34 on port 8883.
    1599155578: OpenSSL Error[0]: error:1408F10B:SSL routines:ssl3_get_record:wrong
    version number
    1599155578: Socket error on client <unknown>, disconnecting.
    1599156145: mosquitto version 1.6.10 terminating
    PS C:\Program Files\mosquitto>
    

    Maybe I am missing something here ?
    Can someone please help me understand why the certificate is not sent in this situation ?

    Thanks,

    Manu



  • Replying to my own post. Please ignore the post. The issue was fixed by moving the config to the button press event. Things do work as expected.

    Sorry about the noise.

    Thanks


Log in to reply