Hi,
I have been trying to use the TLS option of the ArduinoMqttClient library with no luck.
I am trying to connect to a broker with a TLS layer activated. Also, username, password, and Client ID authentication are activated. I can connect using the non-secure port (i.e. 1883). I can connect using a Desktop Tool (MQTTX) and TLS by providing (in PEM format) the broker cert, client cert, and client private key. The client cert and the private key are generated by me using OpenSSL. The broker cert is provided to me by the broker company. So, there are no problems on the broker side and the TLS connection when the client correctly consumes the certs.
Now, the problem is that I'm trying to do the same from an Arduino Sketch using ArduinoMqttClient library and Nano 33 IoT board. I learned that I have to flash the certs on the WiFiNINA chip using either the IDE or the cmd tool (arduino_fwuploader). I managed to get the fwuploader and prepared the certs and issued the following command:
.\arduino-fwuploader.exe certificates flash --url arduino.cc:443 --file "C:\Users\Adel\Desktop\nano certs\broker.pem" --file "C:\Users\Adel\Desktop\nano certs\client_certificate.pem" --file "C:\Users\Adel\Desktop\nano certs\client_private.pem" -b arduino:samd:nano_33_iot -a COM12
As you can see I'm flashing three certs (Broker, Client Cert, and Client Key). However, the tool was able to flash the broker and client certs but not the client key, and the following response is what I got:
Error during certificates flashing: failed to parse certificate: x509: malformed tbs certificate
I then tried to only upload the two working certs and used the WiFiSimpleSender example while applying the comments for TLS:
// To connect with SSL/TLS:
// 1) Change WiFiClient to WiFiSSLClient.
// 2) Change port value from 1883 to 8883.
// 3) Change broker value to a server with a known SSL/TLS root certificate
// flashed in the WiFi module
and the mqtt connection failed with rc = -2. which is expected since the certs are not complete.
Any help regarding the flashing of the client's private key or any advice on how can I achieve the TLS MQTT connection using Arduino (Even if it requires using other boards of libraries) is highly appreciated.