Shaun Howlett

Reputation: 1

STM32H7, NETX MQTT Client with mutual authentication

I have a local EMQX Broker with self-signed certs that I can connect to and perform mutual authentication using MQTT Explorer.

Using an STM32H723 dev board as a client, I can connect with only the server validation enabled; when I enable client validation the board doesn't seem to send anything out and the secure connection fails with status NX_NOT_CONNECTED.

I'm calling the "nxd_mqtt_client_secure_connect" function with the "tls_setup_callback" and adding the "local cert" + key in the callback as follows:

ret = nx_secure_x509_certificate_initialize(&local_cert_ptr, (UCHAR*)new_client_der,
                                            new_client_der_len, NX_NULL, 0,
                                            new_client_rsa_der_der, new_client_rsa_der_der_len,
                                            NX_SECURE_X509_KEY_TYPE_RSA_PKCS1_DER);

ret = nx_secure_tls_local_certificate_add(TLS_session_ptr, &local_cert_ptr);

The above appears to be loading various bits into the TLS_session_ptr as a local cert and these can be seen in the secure connection function.

Looking at Wireshark, no client hello etc. is being sent.

I think I'm missing a setting somewhere to tell netx / secure the local cert is for it to validate itself with the server and not the other way around, thus it starts processing the "local cert" as if it's been sent to it.

Any help would be great.

Thanks

Shaun

Upvotes: 0

Views: 56
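
A pre-flight check that fits the call in the question: the key is declared as NX_SECURE_X509_KEY_TYPE_RSA_PKCS1_DER, so the blob should be a DER PKCS#1 RSAPrivateKey whose encoded length matches the length passed in, not a PKCS#8 wrapper or PEM text. This is an added example, not code from the original post or from NetX Secure; `classify_private_key`, `key_kind` and the sample byte arrays are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical helper, not part of NetX Secure: classifies a private-key blob. */
typedef enum { KEY_PKCS1_RSA, KEY_PKCS8, KEY_PEM_TEXT, KEY_MALFORMED } key_kind;

/* Constructed structural skeletons (not real keys), lengths self-consistent. */
static const unsigned char SAMPLE_PKCS1[] = {0x30,0x06, 0x02,0x01,0x00, 0x02,0x01,0x05};
static const unsigned char SAMPLE_PKCS8[] = {0x30,0x07, 0x02,0x01,0x00, 0x30,0x00, 0x04,0x00};

/* Read a DER length at buf[*pos]; returns 0 on success with *pos advanced past it. */
static int der_len(const unsigned char *buf, size_t n, size_t *pos, size_t *out)
{
    if (*pos >= n) return -1;
    unsigned char b = buf[(*pos)++];
    if (b < 0x80) { *out = b; return 0; }              /* short form */
    size_t cnt = b & 0x7F;                              /* long form: cnt length bytes */
    if (cnt == 0 || cnt > sizeof(size_t) || cnt > n - *pos) return -1;
    *out = 0;
    while (cnt--) *out = (*out << 8) | buf[(*pos)++];
    return 0;
}

key_kind classify_private_key(const unsigned char *buf, size_t n)
{
    size_t pos = 1, len;
    if (n >= 5 && buf[0] == '-' && buf[1] == '-') return KEY_PEM_TEXT;
    if (n < 2 || buf[0] != 0x30) return KEY_MALFORMED;  /* outer SEQUENCE tag */
    if (der_len(buf, n, &pos, &len) != 0 || len != n - pos)
        return KEY_MALFORMED;                           /* truncated or trailing bytes */
    /* Both formats start with INTEGER version = 0 (02 01 00, two-prime RSA). */
    if (n - pos < 4 || buf[pos] != 0x02 || buf[pos + 1] != 0x01 || buf[pos + 2] != 0x00)
        return KEY_MALFORMED;
    switch (buf[pos + 3]) {
    case 0x02: return KEY_PKCS1_RSA;  /* modulus INTEGER follows: RSAPrivateKey */
    case 0x30: return KEY_PKCS8;      /* AlgorithmIdentifier follows: PrivateKeyInfo */
    default:   return KEY_MALFORMED;
    }
}

int main(void)
{
    static const char *names[] = {"PKCS#1 RSA", "PKCS#8", "PEM text", "malformed"};
    printf("sample 1: %s\n", names[classify_private_key(SAMPLE_PKCS1, sizeof SAMPLE_PKCS1)]);
    printf("sample 2: %s\n", names[classify_private_key(SAMPLE_PKCS8, sizeof SAMPLE_PKCS8)]);
    return 0;
}
```

On the board the same function can be run over new_client_rsa_der_der and new_client_rsa_der_der_len before the initialize call, with anything other than KEY_PKCS1_RSA treated as a build-time key conversion problem.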

Answers (0)
