Skip to content

Remove Secure Connection macro and add the config to wifimanager. #961

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
h2zero merged 1 commit into from
Jun 3, 2021
Merged

Remove Secure Connection macro and add the config to wifimanager. #961

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 1 addition & 4 deletions docs/upload/advanced-configuration.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ The MQTT broker is configured for TLS and you have access to the CA certificate
You are using ESP8266 or ESP32, for other boards TLS is not supported.

### Configure secure connection in the gateway
To enable the secure connection and use TLS uncomment `//#define SECURE_CONNECTION` in `User_config.h`.
To enable the secure connection and use TLS set the `#define MQTT_DEFAULT_SECURE` to true.
Set `MQTT_SERVER` to the Common Name (CN) of the certificate of the broker.
This can be the hostname or the ip of the broker.

Expand All @@ -28,9 +28,6 @@ const char* certificate CERT_ATTRIBUTE = R"EOF("
")EOF";
```

If you have no ntp server in your local network (included in the router) or not using dhcp, you should uncomment `//# define NTP_SERVER "pool.ntp.org"` to use a ntp server for time synchronization.
This is related to the `W: failed, ssl error code=54` error message, which indicate that the time of the esp is not correct.

You can know compile and upload to your board and the gateway should connect with TLS to your broker.

## Add the reveived "value" at the end of the topic
Expand Down
5 changes: 4 additions & 1 deletion docs/upload/portal.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,9 @@ From your smartphone search for your OpenMQTTGateway wifi network and connect to
* Select your wifi
* Set your wifi password
* Set your MQTT Server IP
* Set your MQTT Server Port
* Set the MQTT secure connection box to select whether or not the connection should be secure
* Copy/paste the MQTT server certificate in the MQTT server cert box (only required if using a secure connection), be sure to include the `-----BEGIN CERIFICATE-----` and `-----END CERTIFICATE-----` markers
* Set your MQTT Server username (facultative)
* Set your MQTT Server password (facultative)
* Set your MQTT base topic if you need to change it (you must keep the / at the end)
Expand Down Expand Up @@ -55,4 +58,4 @@ build_flags =
'-DMQTT_USER="salut"'
'-DMQTT_PASS="atoi"'
'-DGateway_Name="OpenMQTTGateway_ESP32_OLM_GTW"'
```
```
33 changes: 9 additions & 24 deletions main/User_config.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -80,6 +80,10 @@ const byte ip[] = {192, 168, 1, 99};
const byte mac[] = {0xDE, 0xED, 0xBA, 0xFE, 0x54, 0x95}; //W5100 ethernet shield mac adress
#endif

#ifndef NTP_SERVER
# define NTP_SERVER "pool.ntp.org"
#endif

#ifdef MQTT_HTTPS_FW_UPDATE
# if defined(ESP8266) || defined(ESP32)
//If used, this should be set to the root CA certificate of the server hosting the firmware.
Expand All @@ -89,7 +93,6 @@ const char* https_fw_server_cert PROGMEM = R"EOF("
...
-----END CERTIFICATE-----
")EOF";
# define NTP_SERVER "pool.ntp.org"
# ifndef MQTT_HTTPS_FW_UPDATE_USE_PASSWORD
# define MQTT_HTTPS_FW_UPDATE_USE_PASSWORD 1 // Set this to 0 if not using TLS connection to MQTT broker to prevent clear text passwords being sent.
# endif
Expand Down Expand Up @@ -142,16 +145,6 @@ const char* https_fw_server_cert PROGMEM = R"EOF("
# define mqtt_max_packet_size 128
#endif

// activate the use of TLS for secure connection to the MQTT broker
// MQTT_SERVER must be set to the Common Name (CN) of the broker's certificate
//#define SECURE_CONNECTION

#ifdef SECURE_CONNECTION
# define MQTT_DEFAULT_PORT "8883"
#else
# define MQTT_DEFAULT_PORT "1883"
#endif

#ifndef MQTT_USER
# define MQTT_USER "your_username"
#endif
Expand All @@ -162,11 +155,13 @@ const char* https_fw_server_cert PROGMEM = R"EOF("
# define MQTT_SERVER "192.168.1.17"
#endif
#ifndef MQTT_PORT
# define MQTT_PORT MQTT_DEFAULT_PORT
# define MQTT_PORT "1883"
#endif
#ifndef MQTT_SECURE_DEFAULT
# define MQTT_SECURE_DEFAULT false
#endif

#ifdef SECURE_CONNECTION
# if defined(ESP8266) || defined(ESP32)
#if defined(ESP8266) || defined(ESP32)
// The root ca certificate used for validating the MQTT broker
// The certificate must be in PEM ascii format
const char* certificate PROGMEM = R"EOF("
Expand All @@ -175,16 +170,6 @@ const char* certificate PROGMEM = R"EOF("
-----END CERTIFICATE-----
")EOF";

// specify a NTP server here or else the NTP server from DHCP is used
# ifndef NTP_SERVER
//# define NTP_SERVER "pool.ntp.org"
# endif
# else
# error "only ESP8266 and ESP32 support SECURE_CONNECTION with TLS"
# endif
#endif

#if defined(ESP8266) || defined(ESP32)
# define ATTEMPTS_BEFORE_BG 10 // Number of wifi connection attempts before going to BG protocol
# define ATTEMPTS_BEFORE_B 20 // Number of wifi connection attempts before going to B protocol
#endif
Expand Down
Loading