
ESP8266 with mosquitto fails TLS handshake


I want to establish a TLS connection from ESP8266 to a mosquitto MQTT Server.

I'm using the Adafruit example INO with WiFiClientSecure, which successfully connects to my WiFi and works fine with other MQTT servers (e.g. iot.eclipse.org:8883).

Just when I'm trying to connect to my own mosquitto instance, it fails. The mosquitto log shows:

    OpenSSL Error: error:1408A10B:SSL routines:SSL3_GET_CLIENT_HELLO:wrong version number

My mosquitto.conf looks like this:

    pid_file /var/run/mosquitto.pid
    persistence true
    persistence_location /var/lib/mosquitto/
    log_dest file /var/log/mosquitto/mosquitto.log
    include_dir /etc/mosquitto/conf.d
    allow_anonymous false
    listener 51883
    password_file /etc/mosquitto/pwfile

conf.d contains:

    cafile /etc/letsencrypt/live/<my-domain>/fullchain.pem
    certfile /etc/letsencrypt/live/<my-domain>/fullchain.pem
    keyfile /etc/letsencrypt/live/<my-domain>/privkey.pem

The certificates are generated using Let's Encrypt. Connection from MQTT-Dash (Android app) works perfectly.

I couldn't figure out which TLS version the WiFiClientSecure is using or how to define it.


Solution

  • Looking at this question asked today, it seems you may have to specify a tls_version after all to get things to work:

    listener 8883
    certfile /etc/letsencrypt/live/home.kamidesigns.be/cert.pem
    cafile /etc/letsencrypt/live/home.kamidesigns.be/chain.pem
    keyfile /etc/letsencrypt/live/home.kamidesigns.be/privkey.pem
    tls_version tlsv1.2
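
To find out which TLS version a client such as WiFiClientSecure actually offers, you can decode the first bytes it sends to the broker and compare the result with the listener's tls_version. The parser below is an added example, not part of the original question or answer; it assumes the ClientHello fits in a single TLS record, and the sample messages are constructed, not captured from an ESP8266.

```python
import struct

VERSIONS = {0x0300: "SSLv3", 0x0301: "TLSv1.0", 0x0302: "TLSv1.1",
            0x0303: "TLSv1.2", 0x0304: "TLSv1.3"}

def offered_versions(data: bytes) -> list:
    """Return the TLS versions a raw ClientHello offers, highest first."""
    if len(data) < 5 or data[0] != 0x16:           # 0x16 = handshake record
        raise ValueError("not a TLS handshake record")
    body = data[5:5 + int.from_bytes(data[3:5], "big")]
    if len(body) < 4 or body[0] != 0x01:           # 0x01 = ClientHello
        raise ValueError("not a ClientHello")
    hello = body[4:4 + int.from_bytes(body[1:4], "big")]
    try:
        versions = [int.from_bytes(hello[0:2], "big")]   # client_version field
        pos = 2 + 32                                     # skip version + random
        pos += 1 + hello[pos]                            # session_id
        pos += 2 + int.from_bytes(hello[pos:pos + 2], "big")  # cipher_suites
        pos += 1 + hello[pos]                            # compression_methods
    except IndexError:
        raise ValueError("truncated ClientHello")
    if pos + 2 <= len(hello):                            # extensions present
        end = min(pos + 2 + int.from_bytes(hello[pos:pos + 2], "big"), len(hello))
        pos += 2
        while pos + 4 <= end:
            ext_type, ext_len = struct.unpack(">HH", hello[pos:pos + 4])
            ext = hello[pos + 4:pos + 4 + ext_len]
            if ext_type == 0x002B and ext:               # supported_versions
                versions = [int.from_bytes(ext[i:i + 2], "big")
                            for i in range(1, 1 + ext[0], 2)]
            pos += 4 + ext_len
    return [VERSIONS.get(v, hex(v)) for v in sorted(set(versions), reverse=True)]

def sample_hello(version: int, extensions: bytes = b"") -> bytes:
    """Build a minimal constructed ClientHello for the demo."""
    hello = struct.pack(">H", version) + bytes(32) + b"\x00"  # empty session_id
    hello += b"\x00\x02\x00\x2f" + b"\x01\x00"   # one cipher suite, null compression
    if extensions:
        hello += struct.pack(">H", len(extensions)) + extensions
    hs = b"\x01" + len(hello).to_bytes(3, "big") + hello
    return b"\x16\x03\x01" + struct.pack(">H", len(hs)) + hs

if __name__ == "__main__":
    print(offered_versions(sample_hello(0x0302)))        # legacy-style hello
    sv = b"\x00\x2b\x00\x05\x04\x03\x04\x03\x03"         # supported_versions ext
    print(offered_versions(sample_hello(0x0303, sv)))
```

The input is the first TCP payload the client sends to the listener port, for example exported from a packet capture taken on the broker host.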