I have an ESP32 IDF project using version 5.5.0 and WiFi Mesh
My project uses MQTTS currently with Eclipse Broker (using TLS). It also supports OTA updates from an HTTPS server (again TLS)
Can I use both of these at the same time with different certificate PEM files or must these be the same?
I am finding I can run MQTT over TCP and OTA on HTTPS at the same time successfully.But if I switch to MQTTS - TLS my OTA HTTPS connection fails as follows:
W (11:14:05.778) aOTAHttps: OTA HTTPS Task running. Free Stack NOT used (bytes): 3716E (11:14:05.797) esp-tls-mbedtls: mbedtls_ssl_setup returned -0x7F00E (11:14:05.799) esp-tls: create_ssl_handle failedE (11:14:05.800) esp-tls: Failed to open new connectionE (11:14:05.801) transport_base: Failed to open a new connectionE (11:14:05.804) HTTP_CLIENT: Connection failed, sock < 0E (11:14:05.807) esp_https_ota: ESP HTTP client perform failed: 28674E (11:14:05.809) aOTAHttps: ESP HTTPS OTA Begin failedI (11:14:05.811) aOTAHttps: OTA image size: -1E (11:14:05.812) esp_https_ota: esp_https_ota_get_img_desc: Invalid argumentI (11:14:05.813) aOTAHttps: Reading Image DescriptionE (11:14:05.813) aOTAHttps: esp_https_ota_read_img_desc failedE (11:14:05.816) aOTAHttps: OTA abortMy HTTPS config extract looks includes this:
esp_mqtt_client_config_t mqtt5_cfg = {}; brokerAddress = "mqtts://mqtt.eclipseprojects.io:8883"; mqtt5_cfg.broker.address.uri = brokerAddress.c_str(); mqtt5_cfg.broker.verification.certificate = (const char *)mqtt5_HiveHQ_io_pem_start; mqtt5_cfg.credentials.username = "uName"; mqtt5_cfg.credentials.authentication.password = "Pass_2345";My OTA config extract looks includes this:
esp_http_client_config_t config = { .url = CONFIG_EXAMPLE_FIRMWARE_UPGRADE_URL, .cert_pem = (char *)server_cert_pem_start, .timeout_ms = CONFIG_EXAMPLE_OTA_RECV_TIMEOUT, .keep_alive_enable = true,};See attached:
MQTT certificate = mqtt5_HiveHQ_io.pem
OTA HTTPS certificate = ca_cert.pem