MQTT connection disconnected after connected successfully over secure port 8883 with tls self-signed certificate

Question

MQTT connection disconnected after connected successfully over secure port 8883 with tls self-signed certificate

VijayGawade opened this issue 2 years ago · comments

Hi All

I am using Qt 5.9 with QMQTT-Emqx MQTT library for MQTT communication.

Currently, we have locally installed a mosquitto broker and configured it to use an SSL certificate with the client certificate required on Port 8883.

In our app, we connected to the broker with CA & Client certificate with the following code

    QSslConfiguration sslConfig;
    sslConfig.defaultConfiguration();
    sslConfig.setProtocol(QSsl::TlsV1_2);
    sslConfig.setPeerVerifyMode(QSslSocket::AutoVerifyPeer);
    sslConfig.setCaCertificates(caCertsList);
    sslConfig.setLocalCertificate(certs.first());
    sslConfig.setPrivateKey(QSslKey(clientKeyFile.readAll(), QSsl::Rsa));

    m_client = new QMQTT::Client("192.168.1.13", 8883, sslConfig, true);
    m_client->setClientId(MQTTConstant::clientId);

    connect(m_client, &QMQTT::Client::connected, this, &MqttController::onConnected);
    connect(m_client, &QMQTT::Client::disconnected, this, &MqttController::onDisconnected);
    connect(m_client, &QMQTT::Client::error, this, &MqttController::onError);

    m_client->setKeepAlive(10);
    m_client->setAutoReconnectInterval(1000);
    m_client->setCleanSession(true);
    m_client->setAutoReconnect(true);
    m_client->connectToHost();

Also I checked SSL library details as follows:

SSL Library Build Version: "OpenSSL 1.0.2j 26 Sep 2016"
SSL Support: true
SSL Library Version: "OpenSSL 1.0.2e 3 Dec 2015"
In onConnected() function I also able to publish messages successfully
But after that following logs are appearing

2022-06-30T16:24:00.639+05:30 ~ INF ~ controller.mqtt 2022-06-30T16:24:00.643+05:30 ~ INF ~ controller.mqtt 2022-06-30T16:24:00.646+05:30 ~ INF ~ controller.mqtt 2022-06-30T16:24:00.652+05:30 ~ WRN ~ controller.mqtt 2022-06-30T16:24:00.654+05:30 ~ WRN ~ controller.mqtt 2022-06-30T16:24:00.657+05:30 ~ DBG ~ controller.mqtt 2022-06-30T16:24:00.661+05:30 ~ DBG ~ controller.mqtt 2022-06-30T16:24:00.664+05:30 ~ INF ~ controller.mqtt 2022-06-30T16:24:00.667+05:30 ~ INF ~ controller.mqtt 2022-06-30T16:24:00.669+05:30 ~ WRN ~ controller.mqtt 2022-06-30T16:24:00.671+05:30 ~ INF ~ controller.mqtt 2022-06-30T16:24:00.744+05:30 ~ DBG ~ controller.mqtt 2022-06-30T16:24:00.747+05:30 ~ DBG ~ controller.mqtt 2022-06-30T16:24:00.750+05:30 ~ INF ~ controller.mqtt 2022-06-30T16:24:00.752+05:30 ~ INF ~ controller.mqtt 2022-06-30T16:24:00.754+05:30 ~ WRN ~ controller.mqtt 2022-06-30T16:24:00.756+05:30 ~ INF ~ controller.mqtt 2022-06-30T16:24:00.788+05:30 ~ DBG ~ controller.mqtt 2022-06-30T16:24:00.791+05:30 ~ DBG ~ controller.mqtt 2022-06-30T16:24:00.794+05:30 ~ INF ~ controller.mqtt 2022-06-30T16:24:00.798+05:30 ~ INF ~ controller.mqtt 2022-06-30T16:24:00.800+05:30 ~ WRN ~ controller.mqtt 2022-06-30T16:24:00.802+05:30 ~ INF ~ controller.mqtt 2022-06-30T16:24:00.907+05:30 ~ DBG ~ controller.mqtt 2022-06-30T16:24:00.910+05:30 ~ DBG ~ controller.mqtt 2022-06-30T16:24:00.913+05:30 ~ INF ~ controller.mqtt ~ Disconnected from MQTT Broker !!! isConnectedToHost false
~ MqttController: Connected to MQTT Broker !!!
~ Subscribing to sensor/rtdata topic: true
~ Device is listening messages for Topic: "sensor/rtdata"
~ New Message Arrived... Topic: "sensor/rtdata" Payload: "This is test msg from windows-laptop"
~ MQTT SSL Error: QMQTT::ClientError(SocketRemoteHostClosedError) isConnectedToHost true
~ MQTT SSL Error: QMQTT::ClientError(SocketRemoteHostClosedError) isConnectedToHost true
~ Disconnected from MQTT Broker !!! isConnectedToHost false
~ MqttController: Connected to MQTT Broker !!!
~ Device is not connected to MQTT Broker !!!
~ Subscribing to sensor/rtdata topic: false
~ MQTT SSL Error: QMQTT::ClientError(SocketRemoteHostClosedError) isConnectedToHost false
~ MQTT SSL Error: QMQTT::ClientError(SocketRemoteHostClosedError) isConnectedToHost false
~ Disconnected from MQTT Broker !!! isConnectedToHost false
~ MqttController: Connected to MQTT Broker !!!
~ Device is not connected to MQTT Broker !!!
~ Subscribing to sensor/rtdata topic: false
~ MQTT SSL Error: QMQTT::ClientError(SocketRemoteHostClosedError) isConnectedToHost false
~ MQTT SSL Error: QMQTT::ClientError(SocketRemoteHostClosedError) isConnectedToHost false
~ Disconnected from MQTT Broker !!! isConnectedToHost false
~ MqttController: Connected to MQTT Broker !!!
~ Device is not connected to MQTT Broker !!!
~ Subscribing to sensor/rtdata topic: false
~ MQTT SSL Error: QMQTT::ClientError(SocketRemoteHostClosedError) isConnectedToHost false
~ MQTT SSL Error: QMQTT::ClientError(SocketRemoteHostClosedError) isConnectedToHost false
~ Disconnected from MQTT Broker !!! isConnectedToHost false

Matthias Dieter Wallnöfer · Answer 1 · Tue Aug 02 2022 00:16:50 GMT+0800 (China Standard Time)

Sorry, I have overseen this issue. TLS is always a complicated topic, so I forward it to our experts.

@KonstantinRitt @ejvr any thoughts?

Konstantin Ritt · Answer 2 · Tue Aug 02 2022 18:45:00 GMT+0800 (China Standard Time)

It is hard to guess what goes wrong there without knowledge of what's actually set to ssl config.
First of all, try connecting to your broker with any other MQTT client.
If that works, connect to QSslSocket's encrypted, encryptedBytesWritten, peerVerifyError and sslErrors signals (somewhere at src/mqtt/qmqtt_ssl_socket.cpp#L48) and set breakpoints there (or put a meaningful debug message instead).

Either ensure "192.168.1.13" is the adequate host name for your self-signed certificate.