Trying to write an encrypting MQTT bridge [solved]

Hi, I am trying to write an encrypting MQTT bridge on an ESP32, since most commercial devices are on ESP8266 and cannot encrypt MQTT.
Running on port 1883 is unsafe.
Which certificate can I use with Thinger.io to forward on port 8883?

I still cannot connect MQTT to thinger.io on port 8883 encrypted with TLS:
17:45:40.461 MQT: Attempting connection…
17:45:40.677 MQT: TLS connection error: 49
17:45:40.678 MQT: Connect failed to backend.thinger.io:8883, rc -2. Retry in 10 sec
17:45:42.977 QPC: Reset
Device ID and password do match.
The ESP32 device used can provide MQTT TLS:

Hi,

I googled the “TLS connection error: 49” and found this → Can't connect to Yandex Cloud MQTT broker (mqtt.cloud.yandex.net:8883) · Issue #13901 · arendst/Tasmota · GitHub

One collaborator wrote:

Hi,
According to BearSSL, error 49 is BR_ERR_X509_INDEFINITE_LENGTH. Anyways, the CA from yandex is not recognized by Tasmota. The only way to connect is to use Fingerprint validation. With the latest development version (from no more than 2 days ago), you can enable Fingerprint with SetOption132 1

Hope this helps

Thank you. Is thinger.io freemium only accepting fingerprint validation?
That Russian Yandex is not accepted is a good sign, but thinger.io, hosted on AWS Europe?
What else is the root CA used by thinger.io for its TLS encryption?

Setting option 132 partially solved the problem; thinger connects now.
:grinning:
But a full blown TLS should be possible on AWS hosts, or not?

Finally I abandoned the pure MQTT bridge for an MQTT-Thinger converter working with the IOTMP protocol.
The solution, running on a simple ESP8266, can “talk” to up to 4 Tasmota devices, combine them and become a thinger.io device.
Here is an example dashboard with the info from 3 Tasmota smart plugs and some weather info from OpenWeather.org: